Well to be honest I am getting really confused. Everything was
working today when I changed to GPG v1 on the template VM but today
after a full power cycle Enigmail is telling me that it no longer
supports GPG v1 ... and there were no updated made to Enigmail or
Thunderbird that I am aware between power cycles.
So I switched back on v2 on the template VM and then ran the
commands you listed below on the client and backend VMs (both Debian
8) and they both list the private keys.
The error itself (when using GPGv2) from Enigmail is complaining
about gpg-agent. Going to the Enigmail log when trying to e-mail
myself I get the following:
2016-02-27 11:23:55.238 [DEBUG] system.jsm:
determineSystemCharset
2016-02-27 11:23:55.238 [DEBUG] system.jsm:
determineSystemCharset: charset='iso-8859-1'
2016-02-27 11:23:55.238 [DEBUG] system.jsm: determineSystemCharset
2016-02-27 11:23:55.238 [DEBUG] system.jsm:
determineSystemCharset: charset='iso-8859-1'
2016-02-27 11:23:55.238 [DEBUG] errorHandling.jsm:
parseErrorOutputWith: statusFlags = 00400000
2016-02-27 11:23:55.238 [DEBUG] errorHandling.jsm:
parseErrorOutputWith: return with c.errorMsg = gpg: WARNING: The
GNOME keyring manager hijacked the GnuPG agent.
gpg: WARNING: GnuPG will not work properly - please configure
that tool to not interfere with the GnuPG system!
2016-02-27 11:23:55.238 [DEBUG] execution.jsm:
EnigmailExecution.fixExitCode: agentType: gpg exitCode: 0
statusFlags 4194304
2016-02-27 11:23:55.238 [DEBUG] encryption.jsm:
encryptMessageEnd: command execution exit code: 1
2016-02-27 11:24:25.442 [ERROR] mimeEncrypt.js: caught
exception: undefined
Message: 'undefined'
File: undefined
Line: undefined
Stack: undefined
2016-02-27 11:24:26.759 [DEBUG] enigmailMsgComposeOverlay.js:
ECSL.ComposeProcessDone: 2147500037
2016-02-27 11:24:26.760 [DEBUG] enigmailMsgComposeOverlay.js:
Enigmail.msg.removeAttachedKey:
2016-02-27 11:24:30.180 [DEBUG] traverseTree: menu_EnigmailPopup2
[...]
The command being used according to the debug console is:
/usr/bin/qubes-gpg-client-wrapper --charset utf-8 --display-charset utf-8 --use-agent --batch --no-tty --status-fd 2 -a -t --encrypt --trust-model always -r <email> -u <email>
Now to make things even more interesting if I ran that command from
a terminal in the client VM it works fine:
echo "I am an encrypted message" |
/usr/bin/qubes-gpg-client-wrapper --charset utf-8
--display-charset utf-8 --use-agent --batch --no-tty --status-fd
2 -a -t --encrypt --trust-model always -r email -u email
[GNUPG:] PROGRESS need_entropy X 8 16
[GNUPG:] PROGRESS need_entropy X 16 16
[GNUPG:] BEGIN_ENCRYPTION 2 9
-----BEGIN PGP MESSAGE-----
Version: GnuPG v2
[...]
-----END PGP MESSAGE-----
[GNUPG:] END_ENCRYPTION
On 02/27/2016 12:33 AM, Marek Marczykowski-Górecki wrote:
On Fri, Feb 26, 2016 at 06:25:45PM +0000,
Nuno Branco wrote:
> No one replied so I am guessing I am the only one. It turns
out the
> problem also occurred on 3.0 latest branch so I am wondering
if there
> were any recent changes on /etc/qubes-rpc/qubes.Gpg ? I
changed the file
> to gpg v1 and it is working fine again.
If you have gpg 2.1 (which is the case in Fedora 23), it needs to
migrate secret keys to the new location. It is done automatically
for
example when you list the keys (apparently it isn't done before
decryption, which I guess is your problem). You can either call:
- from backend VM: gpg2 -K
- from client VM: qubes-gpg-client -K
Not sure if this is the problem you have, since you've mentioned
usage
of Debian template, which have older gpg version. But maybe...
> In any case there seems to be some sort of issue with
Enigmail + GPGv2 +
> Split GPG
> On 02/25/2016 10:11 PM, Nuno Branco wrote:
>> Not sure if I should start a different thread but for me
this has
>> broken my GPG split configuration (using enigmail and
Debian 8
>> templates for both VMs), seems there is some kind of
problem
>> communicating between the VMs or the Gnome Keyring.
>>
>> Anyone else experiencing the same issue?
>>
>> I upgraded by the way and not a clean install (although
everything was
>> working fine before the latest patches).
>>
>> On 02/25/2016 08:12 PM, raah...@gmail.com wrote:
>>> Only issue i noticed so far was sys-whonix didn't
auto start on first boot, and it is colored black like the
templates instead of purple. so didn't even realize it was created
at first.
>>>
>>
>> --
>>
>>
>> Best regards,
>> Nuno Branco
>>
>> For secure messages please MIT PGP Database <use>
>> If you are not familiar with PGP please use this link to
send secure
>> messages <https://encrypt.to/nuno.branco@neomailbox.ch>
to me.
>> --
>> You received this message because you are subscribed to
the Google
>> Groups "qubes-users" group.
>> To unsubscribe from this group and stop receiving emails
from it, send
>> an email to qubes-users...@googlegroups.com
>> <mailto:qubes-users+unsubscribe@googlegroups.com>.
>> To post to this group, send email to qubes...@googlegroups.com
>> <mailto:q...@googlegroups.com>.
>> To view this discussion on the web visit
>>
https://groups.google.com/d/msgid/qubes-users/56CF7BF7.102%40neomailbox.ch
>>
<https://groups.google.com/d/msgid/qubes-users/56CF7BF7.102%40neomailbox.ch?utm_medium=email&utm_source=footer>.
>> For more options, visit https://groups.google.com/d/optout.
>
|