Unable to get gpg-preset-passphrase working with gpg2 + gpg-agent in Ubuntu Xenial

Austin Witt witt.austin at gmail.com
Thu Aug 16 07:32:45 CEST 2018

I want:

To be able to configure an Ubuntu Xenial machine with passphrase-protected
gpg2 keys on disk, and have a running gpg-agent with a passphrase for the
keys pre-loaded by a script. "Users" of this environment should never see a
gpg passphrase prompt: the script will have been run and will have
populated the gpg-agent with the passphrase for the keys before they run a
single command.

I'd settle for getting it working with vanilla gpg2, but ultimately I want
git to be able to sign commits.

I've had a hard time tracking down online documentation that speaks
specifically to gpg 2.1+; most of what I've found (on the stackexchange
sites, forums, and mailing lists, etc) reference older versions of gpg,
especially where gpg-agent is concerned.

I execute gpg-preset-passphrase to the best of my understanding, but all
GPG tools still prompt me for a passphrase. After entering the passphrase,
the gpg-agent correctly saves it and I avoid any future prompts.

I suspect that one of the following is true:

1. I don't know how to use gpg-preset-passphrase 2.1.11
2. gpg-preset-passphrase 2.1.11 doesn't work with gpg-agent 2.1.11
3. gpg-preset-passphrase 2.1.11 doesn't work in Ubuntu Xenial

To aid in debugging, I have created a git repository that builds an Ubuntu
Xenial Docker image that reproduces the issue. Really it just does what I
am trying to do, in the environment I was trying to do it in, and fails the
same way.

So, while I'll quickly tell you some relevant things about my environment,

1. OS: Ubuntu 16.04.5 LTS
2. gpg2 version: gpg (GnuPG) 2.1.11
3. gpg-agent version: gpg-agent (GnuPG) 2.1.11
4. gpg-preset-passphrase version: gpg-preset-passphrase (GnuPG) 2.1.11

You can (if you have "docker" installed), visit & clone
https://github.com/Gengar003/linux-gpg2-agent-preset to reproduce & explore
my situation in my exact environment with my exact commands.

My actual questions are:

1. Am I using gpg-agent correctly for gpg 2.1+?
2. Am I using gpg-preset-passphrase correctly for gpg 2.1+?
3. Should gpg-preset-passphrase work with gpg 2.1+?
4. Does anyone know of a working example of a preset passphrase with
gpg-agent in gpg 2.1+?

Thank you for your time.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180816/ce3bca34/attachment.html>

More information about the Gnupg-users mailing list