gpg-agent issue
16 views
Skip to first unread message
Valentin Reis
Mar 17, 2015, 8:49:24 AM3/17/15
to supmua
Hello,
Sup asks for my gpg passphrase every time it has to encrypt, sign or
decrypt an e-mail, even though I am using gpg-agent.
When decrypting files sequentially using gpg or gpg2, gpg-agent is used,
and I have to provide the passphrase just once.
Here are the contents of my config files:
.gnupg/gpg.conf
keyserver hkp://keys.gnupg.net
use-agent
.gnupg/gpg-agent.conf
pinentry-program /usr/bin/pinentry-curses
.sup/config.yaml
...
:accounts:
:default:
...
:gpgkey: 59EA13A1
...
No crypto hooks in .sup/hooks are in use.
gpg --list-keys
/home/fre/.gnupg/pubring.gpg
----------------------------
pub 2048R/59EA13A1 2014-04-28
uid Valentin Reis <valent...@gmail.com>
sub 2048R/C8DA9D35 2014-04-28
sub 2048R/4F728EEB 2014-04-28
It is a debian machine. Various apt-get output:
gnupg-agent is already the newest version.
libgpgme11 is already the newest version.
gnupg2 is already the newest version.
Cheers!
val
--
Sup asks for my gpg passphrase every time it has to encrypt, sign or
decrypt an e-mail, even though I am using gpg-agent.
When decrypting files sequentially using gpg or gpg2, gpg-agent is used,
and I have to provide the passphrase just once.
Here are the contents of my config files:
.gnupg/gpg.conf
keyserver hkp://keys.gnupg.net
use-agent
.gnupg/gpg-agent.conf
pinentry-program /usr/bin/pinentry-curses
.sup/config.yaml
...
:accounts:
:default:
...
:gpgkey: 59EA13A1
...
No crypto hooks in .sup/hooks are in use.
gpg --list-keys
/home/fre/.gnupg/pubring.gpg
----------------------------
pub 2048R/59EA13A1 2014-04-28
uid Valentin Reis <valent...@gmail.com>
sub 2048R/C8DA9D35 2014-04-28
sub 2048R/4F728EEB 2014-04-28
It is a debian machine. Various apt-get output:
gnupg-agent is already the newest version.
libgpgme11 is already the newest version.
gnupg2 is already the newest version.
Cheers!
val
--
valentin.reis
Mar 17, 2015, 8:51:46 AM3/17/15
to sup...@googlegroups.com
In case this is not clear, I would like sup to use gpg-agent correctly, so as not to have to enter my passphrase repeatedly.
Do any of you see something I'm doing wrong?
Thanks!
Johannes Larsen
Mar 17, 2015, 9:31:11 AM3/17/15
to supmua
gpg-agent caches the passphrase for a limited time (a couple of hours if
remember correctly). to check if this is the problem try signing a file
(thereby providing gpg-agent with a passphrase) then start sup in the
same shell and check if its signs emails. the time gpg-agent caches the
passphrase can be changed with: (~/.gnupg/gpg-agent.conf)
max-cache-ttl <SECONDS>
if the passphrase caching is not the problem you might have initiated
gpg-agent insufficiently. this is what I source from ~/.bashrc to
initiate the gpg-agent or connect to a running gpg-agent:
if [ -f "${HOME}/.gpg-agent-info" ]; then
. "${HOME}/.gpg-agent-info"
export GPG_AGENT_INFO
fi
gpg-agent --daemon --write-env-file "${HOME}/.gpg-agent-info" --quiet &> /dev/null
export GPG_TTY=$(tty)
if you read `man gpg-agent` it mentions that exporting GPG_TTY is
important, so if you do not do this already, it might be a good place to
start.
--
johs (Johannes Larsen), (+47) 41435451
remember correctly). to check if this is the problem try signing a file
(thereby providing gpg-agent with a passphrase) then start sup in the
same shell and check if its signs emails. the time gpg-agent caches the
passphrase can be changed with: (~/.gnupg/gpg-agent.conf)
max-cache-ttl <SECONDS>
if the passphrase caching is not the problem you might have initiated
gpg-agent insufficiently. this is what I source from ~/.bashrc to
initiate the gpg-agent or connect to a running gpg-agent:
if [ -f "${HOME}/.gpg-agent-info" ]; then
. "${HOME}/.gpg-agent-info"
export GPG_AGENT_INFO
fi
gpg-agent --daemon --write-env-file "${HOME}/.gpg-agent-info" --quiet &> /dev/null
export GPG_TTY=$(tty)
if you read `man gpg-agent` it mentions that exporting GPG_TTY is
important, so if you do not do this already, it might be a good place to
start.
--
johs (Johannes Larsen), (+47) 41435451
Valentin Reis
Mar 17, 2015, 9:33:37 AM3/17/15
to supmua
Hi,
I just figured the same thing here :) Thanks for the fast answer.
Indeed, I started sup-mail using a separate script which does not export
the environment variable.
Thanks for the help.
Valentin
Excerpts from Johannes Larsen's message of 2015-03-17 14:31:08 +0100:
--
I just figured the same thing here :) Thanks for the fast answer.
Indeed, I started sup-mail using a separate script which does not export
the environment variable.
Thanks for the help.
Valentin
Excerpts from Johannes Larsen's message of 2015-03-17 14:31:08 +0100:
Reply all
Reply to author
Forward
0 new messages