gpg: cannot open /dev/tty: Permission denied

Randy Harmon
Wed, 15 Sep 1999 11:33:18 -0700

On Wed, Sep 15, 1999 at 06:56:35PM +0200, Matthias Urlichs wrote:

> Hi,
> Randy Harmon:
> > > I assumed that he wants to use it in a CGI script or something like
> > > this and then it is not a good idea to write to the tty anyway.
> >
> If you're running on a web server then the web server has been putting
> itself into the background, thus it doesn't have a tty, thus opening
> /dev/tty will fail anyway, regardless of permissions.
> > What exactly is it trying to write to the tty, anyway?
> >
> It's probably trying to read a passphrase, confirm a key, or whatever.
Thanks for the input. However, you cut out the quote of my statement that I'm trying to do both. In this case, I'm at the command line, and I can't see that it should go to /dev/tty for any reason. Passphrase, key-confirmation or whatever should go to the controlling terminal (at least that's what I would expect).
> ALWAYS use --batch when calling gpg from non-terminal programs.
Understood. That's not the case here. Unfortunately, I fail to hear an answer here yet. The Author suggested that it was trying to WRITE to the tty, and I'm curious what it's trying to send there. Specifically, let's ask this question for a Verify signature operation, where I have exactly one key on my keyring, and where I'm verifying a signature from the owner of that pubkey. Then, let's specifically ask this question for a key-gen operation, where I'm sitting on a secured terminal (ssh). I could see it gathering entropy from the controlling terminal, but I understand that it will look for entropy in /dev/random instead. So again: why /dev/tty in this case? Lastly, why /dev/tty in the case where I try to encrypt to the single public key that happens to be on my keyring? If there's no easy answer here, I'll understand that I need to read the source. If an easy answer is forthcoming, I'll appreciate that time savings. Randy