gpg-agent 2.1.x interop with gpg 1.4.x
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Oct 28 21:40:18 CET 2014
On Mon 2014-10-13 14:10:06 -0400, Werner Koch wrote:
> On Thu, 9 Oct 2014 22:17, dkg at fifthhorseman.net said:
>
>> i don't think a wrapper for gpg-agent would be sufficient, would it?
>> gpg1 never invokes gpg-agent directly.
>
> Just so that user script keep on working as expected. Bit see below.
>
>> Another alternative, if you don't want to change anything in gpg 2.1
>> itself, is that we can modify the Xsession startup script
>> (/etc/X11/Xsession.d/90gpg-agent) that debian ships that enbles the
>
> That would indeed be the easiest way and better future-proof.
OK, so i'm taking this approach, i think it's sensible.
however, i'm now trying to use gpg-agent from 2.1.0~beta895 with gpg
1.4.18, and i'm seeing "gpg-agent protocol version 0 is not supported"
0 test at testmachine:~$ gpg-agent --daemon
0 test at testmachine:~$ export GPG_AGENT_INFO=${HOME}/.gnupg/.S.gpg-agent:0
0 test at testmachine:~$ echo test | gpg --clearsign
You need a passphrase to unlock the secret key for
user: "test user <test at example.org>"
2048-bit RSA key, ID 495CD78F, created 2014-10-28
gpg: gpg-agent protocol version 0 is not supported
Enter passphrase:
gpg: Interrupt caught ... exiting
130 test at testmachine:~$
This suggests that we won't be able to mix and match the agent with gpg
1.4.x at all -- is that the plan for 2.1.0, or am i testing or building
something wrong? Should i be able to use the gpg-agent from 2.1.0 with
gpg 1.4.x?
--dkg
PS I'm concerned that all this work for the sake of co-installability
and interoperability between local versions is distracting from the
goal of getting 2.1.0 more widely, but (at least in debian) we've
made a commitment to this strategy for the moment.
Maybe that goal needs to be re-thought? That's probably a topic for
a separate thread of discussion.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: </pipermail/attachments/20141028/31c3d65c/attachment.sig>
More information about the Gnupg-devel
mailing list