gpg-agent 2.1.x interop with gpg 1.4.x

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Oct 28 21:40:18 CET 2014


On Mon 2014-10-13 14:10:06 -0400, Werner Koch wrote:
> On Thu,  9 Oct 2014 22:17, dkg at fifthhorseman.net said:
>
>> i don't think a wrapper for gpg-agent would be sufficient, would it?
>> gpg1 never invokes gpg-agent directly.
>
> Just so that user script keep on working as expected. Bit see below.
>
>> Another alternative, if you don't want to change anything in gpg 2.1
>> itself, is that we can modify the Xsession startup script
>> (/etc/X11/Xsession.d/90gpg-agent) that debian ships that enbles the
>
> That would indeed be the easiest way and better future-proof.

OK, so i'm taking this approach, i think it's sensible.

however, i'm now trying to use gpg-agent from 2.1.0~beta895 with gpg
1.4.18, and i'm seeing "gpg-agent protocol version 0 is not supported"

0 test at testmachine:~$ gpg-agent --daemon
0 test at testmachine:~$ export GPG_AGENT_INFO=${HOME}/.gnupg/.S.gpg-agent:0
0 test at testmachine:~$ echo test | gpg --clearsign

You need a passphrase to unlock the secret key for
user: "test user <test at example.org>"
2048-bit RSA key, ID 495CD78F, created 2014-10-28

gpg: gpg-agent protocol version 0 is not supported
Enter passphrase: 
gpg: Interrupt caught ... exiting

130 test at testmachine:~$ 


This suggests that we won't be able to mix and match the agent with gpg
1.4.x at all -- is that the plan for 2.1.0, or am i testing or building
something wrong?  Should i be able to use the gpg-agent from 2.1.0 with
gpg 1.4.x?

        --dkg

PS I'm concerned that all this work for the sake of co-installability
   and interoperability between local versions is distracting from the
   goal of getting 2.1.0 more widely, but (at least in debian) we've
   made a commitment to this strategy for the moment.

   Maybe that goal needs to be re-thought?  That's probably a topic for
   a separate thread of discussion.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: </pipermail/attachments/20141028/31c3d65c/attachment.sig>


More information about the Gnupg-devel mailing list