Confusion about gpg-preset-passphrase

Ingo Klöcker kloecker at kde.org
Fri Mar 3 15:09:16 CET 2023


On Freitag, 3. März 2023 13:09:09 CET efeizbudak via Gnupg-users wrote:
> So I'm trying to use gpg-preset-passphrase but for some reason I keep
> having to enter the passphrase all the same. I run
> 
> /usr/libexec/gpg-preset-passphrase --preset $KEYGRIP

Works for me (with the current development version). I did the following 
(after adding `allow-preset-passphrase` to gpg-agent.conf and restarting
gpg-agent):

$ gpg -K --with-keygrip A151BC5817C228CF
sec   ed25519 2021-02-26 [SC]
      69C701A436FDD496FAE5580AA151BC5817C228CF
      Keygrip = 382BC7C2C4E13EF7D40870B7EB9CDE4AE0232B4E
uid           [ultimate] foo at example.net
ssb   cv25519 2021-02-26 [E]
      Keygrip = B9386D3E742597E532C6BD0978192517A09B41C3

$ echo bla | gpg --armor --encrypt -r A151BC5817C228CF | gpg --decrypt
-> pinentry pops up; I click Cancel
gpg: encrypted with cv25519 key, ID 14AC6E5C812B91E1, created 2021-02-26
      "foo at example.net"
gpg: public key decryption failed: Operation cancelled
gpg: decryption failed: Operation cancelled

$ /opt/gnupg/master/libexec/gpg-preset-passphrase --preset \ 
B9386D3E742597E532C6BD0978192517A09B41C3
test

$ echo bla | gpg --armor --encrypt -r A151BC5817C228CF | gpg --decrypt
-> no pinentry pops up
gpg: encrypted with cv25519 key, ID 14AC6E5C812B91E1, created 2021-02-26
      "foo at example.net"
bla

Are you sure that you used the keygrip of the encryption subkey and not its 
fingerprint? Does caching work if you enter the passphrase in pinentry? (I'm 
asking because I'm wondering whether your max-cache-ttl could be the problem.)

Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20230303/b826b57c/attachment-0001.sig>


More information about the Gnupg-users mailing list