gnupg cannot use pinentry

Done

Details

2 participants

Christopher Howard
Rodion Goritskov

Owner: unassigned

Submitted by: Christopher Howard

Severity: normal

Debbugs page

Christopher Howard wrote 3 months ago

Recipients:(address . bug-guix@gnu.org)

Message-ID:87cyihsqjy.fsf@librehacker.com

Something changed recently (last system reconfigure?) where the 'pass' software broke for me, apparently because gnupg is not finding pinentry, or not using it correctly for some reason.

```
christopher@theoden ~$ pass gatecode 
gpg: decryption failed: No secret key
christopher@theoden ~$ cd .password-store/
christopher@theoden ~/.password-store$ gpg -d gatecode.gpg 
gpg: encrypted with 3072-bit RSA key, ID F80E1B3D662D41E9, created 2021-12-14
      "Christopher Howard (pass) <christopher@librehacker.com>"
gpg: public key decryption failed: No pinentry
gpg: decryption failed: No secret key
```

I can work around this like so:

```
christopher@theoden ~/.password-store$ gpg --pinentry-mode loopback -d gatecode.gpg
<...asks for passcode on command line...>
gpg: encrypted with 3072-bit RSA key, ID F80E1B3D662D41E9, created 2021-12-14
      "Christopher Howard (pass) <christopher@librehacker.com>"
<...snipped for confidentiality...>
```

After this, I can then run pass for a little while, as credentials are cached or however that works. 

I might try a rollback or something and see if I can isolate this issue. Pinentry itself is available:

```
christopher@theoden ~$ which pinentry
/home/christopher/.guix-home/profile/bin/pinentry
```

``` guix describe
Generation 153	Nov 20 2024 09:29:24	(current)
  guix 804f8b2
    repository URL: https://git.savannah.gnu.org/git/guix.git
    branch: master
    commit: 804f8b2094f3214c5b129047c1b18a7779720496
```

Here is my system information:

```
christopher@theoden 
------------------- 
OS: Guix System x86_64 
Host: OptiPlex 9020 00 
Kernel: 6.11.8-gnu 
Uptime: 5 days, 1 hour, 14 mins 
Packages: 159 (guix-system) 
Shell: bash 5.1.16 
Resolution: 1920x1080 
DE: GNOME 
Theme: Adwaita [GTK2/3] 
Icons: Adwaita [GTK2/3] 
Terminal: launch-local-em 
CPU: Intel i5-4570 (4) @ 3.600GHz 
GPU: AMD ATI Radeon HD 8490 / R5 235X OEM 
GPU: Intel HD Graphics 
Memory: 3343MiB / 15907MiB 
```

-- 
📛 Christopher Howard
🚀 gemini://gem.librehacker.com
🌐 http://gem.librehacker.com

בראשית ברא אלהים את השמים ואת הארץ

Rodion Goritskov wrote 3 months ago

Recipients:(address . 74548@debbugs.gnu.org)

Message-ID:874j3r6owb.fsf@bumblebee-mighty.mail-host-address-is-not-set

Hi!

How do you configure gpg agent?

I use home-gpg-agent-service-type (from the module (gnu home services

gnupg)) [1], where I use a configuration like

this (I use pinentry-qt):

(service home-gpg-agent-service-type

(home-gpg-agent-configuration (pinentry-program

(file-append

pinentry-qt

"/bin/pinentry-qt"))))

[1] - https://guix.gnu.org/manual/devel/en/guix.html#GNU-Privacy-Guard

Christopher Howard wrote 3 months ago

Recipients:(name . Rodion Goritskov)(address . rodion.goritskov@gmail.com)(address . 74548@debbugs.gnu.org)

Message-ID:87zflit0ny.fsf@librehacker.com

Rodion Goritskov <rodion.goritskov@gmail.com> writes:

Toggle quote (17 lines)> Hi!
>
> How do you configure gpg agent?
>
> I use home-gpg-agent-service-type (from the module (gnu home services
> gnupg)) [1], where I use a configuration like
> this (I use pinentry-qt):
>
> (service home-gpg-agent-service-type
> 	 (home-gpg-agent-configuration (pinentry-program
>                                         (file-append
>                                          pinentry-qt
>                                          "/bin/pinentry-qt"))))
>
> [1] - https://guix.gnu.org/manual/devel/en/guix.html#GNU-Privacy-Guard
>

Hi, thanks for the response. As far as I can tell, I don't have any pinentry configuration stuff explicity specified with in my guix home config or in my system config. I think, during the last few years before this suddenly broke, that pinentry-gnome3 would pop up whenever I first tried to access the "pass" utility.

I'll try adding that service, with pinentry-gnome3 or maybe pinentry-emacs.

Christopher Howard

Christopher Howard wrote 3 months ago

Recipients:(name . Rodion Goritskov)(address . rodion.goritskov@gmail.com)(address . 74548-done@debbugs.gnu.org)

Message-ID:8734j92a2f.fsf@librehacker.com

After adding the home service for gnupg as recommended (but with -gnome3) everything seems to be working great. Thanks!

Christopher Howard

Closed

Your comment

This issue is archived.

To comment on this conversation send an email to 74548@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it

mumi current 74548

Then, you may apply the latest patchset in this issue (with sign off)

mumi am -- -s

Or, compose a reply to this issue

mumi compose

Or, send patches to this issue

mumi send-email *.patch

You may also tag this issue. See list of standard tags. For example, to set the confirmed and easy tags

mumi command -t +confirmed -t +easy

Or, remove the moreinfo tag and set the help tag

mumi command -t -moreinfo -t +help

is:open	open issues
is:done	closed issues
submitter:<who>	search issue submitter
author:<who>	search by message author
date:yesterday..now	search by issue date
mdate:3m..2d	search by message date