GnuPG lacks a default pinentry program

  • Done
  • quality assurance status badge
Details
5 participants
  • Alexandre Hannud Abdo
  • Brice Waegeneire
  • Ludovic Courtès
  • Raghav Gururajan
  • Ricardo Wurmus
Owner
unassigned
Submitted by
Raghav Gururajan
Severity
important
Merged with

Debbugs page

Raghav Gururajan wrote 6 years ago
Cannot generate key pair with GnuPG
(address . bug-guix@gnu.org)
20190724060027.32bd2325@disroot.org
Hello Guix!

The current gnupg package in guix has "pinentry" as a missing
dependency.

Because of this, GnuPG throws the following error upon attempting to
generate key pairs:

gpg: agent_genkey failed: No pinentry
gpg: key generation failed: No pinentry

So it appears, unless the above mentioned dependency issue is fixed,
one cannot create gpg key pairs. :(

Regards,
RG.
Raghav Gururajan wrote 6 years ago
(address . 36784@debbugs.gnu.org)
58bc24045bcb5f43a4906f4b4edfc22e3071ebd8.camel@disroot.org
Hello Guix!

After brief discussion on IRC channel, I found out that adding
"pinentry-program /home/user/.guix-profile/bin/pinentry-program" to
"gpg-agent.conf" in "/home/user/.gnupg", was able to temproarily
resolve the situation. Thanks to Ricardo (rekado).

I still suggest that there should be a default/fallback option for
this. After reviewing guix repository, I found pinentry, emacs-
pinentry, pinentry-tty, pinentry-qt, pinentry-gtk2, pinentry-gnome3,
pinentry-emacs and pinentry-efl, as available pinentry programs.

Out of all, I suggest pinentry to be set as default/fallback option for
gnupg in guix, as it is platform-independent and provides both CUI
(console) and GUI.

Thank you!

Regards,
RG.
Raghav Gururajan wrote 6 years ago
severity 36784 important
(address . control@debbugs.gnu.org)
cedd5b5a756ada41468c60dbb4cd96025c77c1bd.camel@disroot.org
severity 36784 important
Ricardo Wurmus wrote 6 years ago
Re: bug#36784: Cannot generate key pair with GnuPG
(name . Raghav Gururajan)(address . raghavgururajan@disroot.org)(address . 36784@debbugs.gnu.org)
8736iu9sjc.fsf@elephly.net
Raghav Gururajan <raghavgururajan@disroot.org> writes:

Toggle quote (9 lines)
> I still suggest that there should be a default/fallback option for
> this. After reviewing guix repository, I found pinentry, emacs-
> pinentry, pinentry-tty, pinentry-qt, pinentry-gtk2, pinentry-gnome3,
> pinentry-emacs and pinentry-efl, as available pinentry programs.
>
> Out of all, I suggest pinentry to be set as default/fallback option for
> gnupg in guix, as it is platform-independent and provides both CUI
> (console) and GUI.

I think it would be good to have a sensible default. Is there a good
reason not to include pinentry-tty or somemthing similarly small?

--
Ricardo
Raghav Gururajan wrote 6 years ago
(name . Ricardo Wurmus)(address . rekado@elephly.net)(address . 36784@debbugs.gnu.org)
d7b5c373105105ab03da3df8eba2bfa160ec6698.camel@disroot.org
Toggle quote (3 lines)
> Is there a good
> reason not to include pinentry-tty or somemthing similarly small?

It appears pinentry-tty is only console-based. If graphical
applications like MUA, Key Managers etc require pinentry-program, it
usually uses pop-up (gui) for passphrase input. Since pinentry provides
both console and gui, I suggested it as it will be well-rounded
solution. :)

Regards,
RG.
Ricardo Wurmus wrote 6 years ago
(name . Raghav Gururajan)(address . raghavgururajan@disroot.org)(address . 36784@debbugs.gnu.org)
87y30m8chc.fsf@elephly.net
Raghav Gururajan <raghavgururajan@disroot.org> writes:

Toggle quote (9 lines)
>> Is there a good
>> reason not to include pinentry-tty or somemthing similarly small?
>
> It appears pinentry-tty is only console-based. If graphical
> applications like MUA, Key Managers etc require pinentry-program, it
> usually uses pop-up (gui) for passphrase input. Since pinentry provides
> both console and gui, I suggested it as it will be well-rounded
> solution. :)

I guess the reason for not adding a graphical pinentry is that this
would increase the package closure of the gnupg package.

Perhaps we should add gnupg-minimal for use in other package
definitions.

--
Ricardo
Raghav Gururajan wrote 6 years ago
(name . Ricardo Wurmus)(address . rekado@elephly.net)(address . 36784@debbugs.gnu.org)
7811b37c6cf040de2a3aafdd52dc92a7a94230a7.camel@disroot.org
Toggle quote (3 lines)
> Perhaps we should add gnupg-minimal for use in other package
> definitions.

That would actually be wise.

Regards,
RG.
Ludovic Courtès wrote 6 years ago
control message for bug #36784
(address . control@debbugs.gnu.org)
87k1b2wc7j.fsf@gnu.org
retitle 36784 GnuPG lacks a default pinentry program
quit
Brice Waegeneire wrote 5 years ago
merge 37266 36784
(address . control@debbugs.gnu.org)
e8ff57377c8b7ad8062683ee07881da0@waegenei.re
severity 37266 important
merge 37266 36784
quit
Brice Waegeneire wrote 5 years ago
merge 37266 24076
(address . control@debbugs.gnu.org)
b767d0eb10e4a8c78b1ad74488c636be@waegenei.re
severity 24076 important
merge 37266 24076
quit
Alexandre Hannud Abdo wrote 4 years ago
(address . control@debbugs.gnu.org)
8c9825b8e41f4dcfd9ecd9f0351b3d73eebee325.camel@member.fsf.org
unarchive 24076
-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQQ4aRTDkc5D704CYnMQUI+lk7e+bQUCYIHuHAAKCRAQUI+lk7e+
badoAJwJdK4XrqTpviE7KTetMMG2GhOWGwCdG6OE73MnZUfQu32I0Lj8OydxmYo=
=2Z9Z
-----END PGP SIGNATURE-----


?
Your comment

This issue is archived.

To comment on this conversation send an email to 36784@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 36784
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch
You may also tag this issue. See list of standard tags. For example, to set the confirmed and easy tags
mumi command -t +confirmed -t +easy
Or, remove the moreinfo tag and set the help tag
mumi command -t -moreinfo -t +help