pinentry
auto15963931 at hushmail.com
auto15963931 at hushmail.com
Wed Apr 4 21:03:26 CEST 2012
I use gpg on Windows OS. On the command line when I use this
command:
gpg -d filename.asc
a pinentry window pops up requesting my passphrase. If it happens
that the message was encrypted with the option --throw-keyids, then
the pinentry window, not knowing which key was used, starts with
one of my keys arbitrarily and requests the passphrase for it. I
have two questions about this procedure. First, if I know which
key was used and I want to select it, I can click the "Cancel"
button at the time I see the arbitrary key dialogue window, and
then the program will select another key, again apparently
arbitrarily, and so on in succession, until it gets to the one I
want, at which time I can enter the correct passphrase and get the
decrypted result. However, much of the time I find that using this
procedure does not cause the pinentry dialogue to move from one key
to another but instead causes the dialogue window to close after
either the first or second clicking on the cancel button instead of
continuing on down through the complete list of keys I have
available. It just fails to decrypt. This failure occurs mostly
when I first try to use the procedure, but then it starts working
properly after a few tries even though I do exactly the same steps
each time. Why does it fail initially? Is this a known issue?
I have noticed a number of instances of failures during batch
decryption too, even though the pinentry dialogue does not arise of
course. These failures result in the "--status-file" indicating
that the decryption failed although in fact I can find the
decrypted message present.
Secondly, what is the correct way to handle this sort of procedure
under these circumstances so that indeed all the keys would be
tried each time? My initial thought is to include the option "--
try-all-secrets" in order to prevent the failure and premature
closing of the decryption attempts during batch processes. Thanks.
More information about the Gnupg-users
mailing list