Setting up a new laptop - importing keyrings

Tue Jan 13 16:16:25 CET 2009

On Tuesday 13 January 2009 08:15:16 Anne Wilson wrote:
> On Monday 12 January 2009 23:20:33 Todd Zullinger wrote:
> > Anne Wilson wrote:
> > > I'm setting up a new netbook, and have copied into the .gnupg folder
> > > my keyrings and associated files from this laptop.  Kgpg lists the
> > > keys correctly, but all is not well.  When I try to set keys for
> > > signing and encryption I get the endless searching bar, as Chris
> > > described a few days ago.
> >
> > I know nothing of Kpg, but perhaps we can determine whether the issue
> > is with gpg or Kgpg and that might narrow down where to look.
> >
> > > I considered starting from an empty keyring and importing signatures
> > > as they arrive in kmail, but I think the problem is that I don't
> > > know how to get the secret key recognised.
> >
> > Are your secret keys listed by "gpg --list-secret-keys" ?
>
> Yes, they are.  All CLI commands work fine.
>
> > If so, then
> > the problem isn't with the keyrings.  It could be with Kgpg or the
> > gpg-agent setup (IIRC, that was what the problem a few days ago was).
>
> I think something is preventing communication between kmail and the
> keyrings, but only in some circumstances.  While I can't, in the Fedora
> installations, set my key to encrypt mail, I can read the encrypted mail
> that comes to me.
>
> I don't think that agent is the problem - it holds the passphrase for the
> correct amount of time.  This is the agent conf file:
>
> pinentry-program /usr/bin/pinentry-qt
> no-grab
> allow-mark-trusted
> default-cache-ttl 3600
> # GPGConf disabled this option here at Fri 13 Jul 2007 10:47:33 IST
> # log-file socket:///home/anne/.gnupg/log-socket
>
> ###+++--- GPGConf ---+++###
> default-cache-ttl 3600
> allow-mark-trusted
> debug-level basic
> log-file socket:///home/anne/.gnupg/log-socket
> ###+++--- GPGConf ---+++### Sun 11 Jan 2009 08:44:43 GMT
> # GPGConf edited this configuration file.
> # It will disable options before this marked block, but it will
> # never change anything below these lines.
>
> It may be relevant to mention that on my Mandriva laptop I use keychain to
> help with remote administration.  There, when I open konsole for the first
> time each morning, I'm asked for the passphrase.  I always then see
>
>  * Warning: can't find annew at kde.org; skipping
> Identity added: /home/anne/.ssh/id_dsa (/home/anne/.ssh/id_dsa)
> can't connect to `/home/anne/.gnupg/log-socket': Connection refused
>
> If this (the last line) isn't relevant to this particular problem I'll deal
> with it in a separate thread later.  It doesn't appear to stop anything
> working.  On that particular laptop everything works as expected except for
> automatically importing keys for signed emails.
>
Are these log messages likely to be relevant?

    kdm: :0: PAM adding faulty module: /lib/security/pam_gnome_keyring.so: 5 
Time(s)
    kdm: :0: PAM unable to dlopen(/lib/security/pam_gnome_keyring.so): 
/lib/security/pam_gnome_keyring.so: cannot open shared object file: No such 
file or directory: 5 Time(s)
    polkit-grant-helper: granted authorization for 
org.freedesktop.packagekit.package-install-untrusted to pid 9436 [uid=500] 
[auth=root]: 1 Time(s)

Anne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20090113/fd276f33/attachment.pgp>