Issue with pinentry GUI agent
Kristian Fiskerstrand
kristian.fiskerstrand at sumptuouscapital.com
Mon Sep 3 09:58:24 CEST 2018
On 08/29/2018 12:41 AM, Kristian Fiskerstrand wrote:
> On 08/28/2018 08:22 PM, Daniel Kahn Gillmor wrote:
>> On Sat 2018-08-25 08:18:48 +0200, sunrises at gmx.com wrote:
>>> Hi all, since some days I'm having an issue with pinentry, I've set the default agent as pinentry-qt4
>>> from update-alternatives (I've also tried pinentry-qt and pinentry-gnome) but when I run gpg --decrypt file
>>> it's always falling on the cli for prompting the password. In .gnupg/gpg-agent.conf as the first line I have
>>> pinentry-program /usr/bin/pinentry-qt4 as well, but I don't get why it's ignoring it.
>>> There's a way to debug what's going on?
>>
>> can you give a little bit more information about your system (OS,
>> version, version of gpg, version of pinentry, etc), and how you're
>> accessing it (e.g. via ssh, via a graphical environment, etc)?
>>
>> have you terminated your gpg-agent program ("gpgconf --kill gpg-agent")
>> after updating your settings in ~/.gnupg/gpg-agent.conf so that the
>> settings would take effect?
>
> Not sure if it is related, but I'm currently also investigating an issue
> with the qt pinentry for Gentoo installations. no similar issues for the
> other ones.. I'm able to reproduce failures with the auto-spawned
> gpg-agent though, that doesn't materialize when calling the pinentry
> application directly in an environment.
>
> In this case the gtk2 pinentry works as expected though... but something
> is possibly off with the handling of DISPLAY (as far as I've gotten in
> my debugging that is the only diff in the env vars between the direct
> invocation and the bash propmpted one, it might not be ultimately relevant)
>
Just to have it mentioned, turned out this was an issue with missing
keep-display in gpg-agent.conf, without this the Qt4/5 pinentry fail
(although I've been told it is not an issue in KDE environment).
gpg-agent without keep-display still seems to send display as argument
in --display :0 style, but this does not seem to be honored.
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"Strength lies in differences, not in similarities."
(Stephen Covey)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180903/d47fecd9/attachment.sig>
More information about the Gnupg-users
mailing list