scute / firefox: cannot connect to GPG agent

Damien Goutte-Gattat dgouttegattat at
Sun Jun 4 14:04:55 CEST 2017


On 06/03/2017 12:48 AM, Fabian Peter Hammerle wrote:
> As far as I understand gpg-agent is running.

Can you please check whether it is really the case? E.g., check that the 
socket indicated by "gpgconf --list-dir agent-socket" does exist?

> After reading
> I noticed that $GPG_AGENT_INFO was not set.

Yes, GnuPG 2.1 does not use (nor set) that variable anymore. But Scute 
still needs it in order to locate the socket, especially now that the 
socket is no longer always located in $GNUPGHOME.

If I remember correctly, the problem goes like this:

1) Scute looks for GPG_AGENT_INFO
2) The variable does not exist, so Scute looks for the socket in $GNUPGHOME
3) The socket is not there (because it is now somewhere under 
[/var]/run), so Scute assume there's no running agent
4) Scute spawns a new agent with the --use-standard-socket option (which 
used to instruct the agent to create its listening socket in $GNUPGHOME, 
but which has no effect with GnuPG 2.1)
5) Scute still does not find the socket in $GNUPGHOME, and thus fails 
with "Cannot connect to GPG Agent"

To avoid this, you need both to set the GPG_AGENT_INFO variable and make 
sure that the agent is running before you start Firefox (simply calling 
"gpg-connect-agent /bye" is enough).

> However, setting the path manually did not solve the problem:
> $ gpgconf --list-dir agent-socket
>> /run/user/1000/gnupg/S.gpg-agent
> $ GPG_AGENT_INFO=/run/user/1000/gnupg/S.gpg-agent firefox

The GPG_AGENT_INFO variable must have the following form: 
"PATH_TO_SOCKET:PID:VERSION", where PID is the running agent's process 
ID and VERSION is the version of the agent protocol (which must be 1). 
Otherwise Scute will ignore the variable.

So try instead:

GPG_AGENT_INFO=$(gpgconf --list-dir agent-socket):0:1 firefox

(The PID can be set to zero because as far as I know Scute does not 
actually use that information.)

Hope that helps,


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170604/fe40d168/attachment.sig>

More information about the Gnupg-users mailing list