[opensuse] Enigmail fails to sign posts (12,1)
I get this error when attempting to send and sign: +++························ OpenPGP Alert Send operation aborted. Key 0xEB267D05 not found or not valid. The (sub-)key might have expired. gpg command line and output: gpg No protocol specified xprop: unable to open display ':0.0' No protocol specified (pinentry-gtk-2:6432): Gtk-WARNING **: cannot open display: :0.0 gpg-agent[6431]: can't connect to the PIN entry module: End of file gpg-agent[6431]: command get_passphrase failed: No pinentry gpg: problem with the agent: No pinentry gpg: skipped "0xEB267D05": Operation cancelled gpg: [stdin]: clearsign failed: Operation cancelled ························++- I'm using XFCE. This is a 12.1 test partition freshly installed. -- Cheers / Saludos, Carlos E. R. (from 12.1 "Asparagus" GM (bombadillo)) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Am 07.08.2012 12:40, schrieb Carlos E. R.:
I get this error when attempting to send and sign:
+++························ OpenPGP Alert
Send operation aborted.
Key 0xEB267D05 not found or not valid. The (sub-)key might have expired.
gpg command line and output: gpg No protocol specified xprop: unable to open display ':0.0' No protocol specified
(pinentry-gtk-2:6432): Gtk-WARNING **: cannot open display: :0.0 gpg-agent[6431]: can't connect to the PIN entry module: End of file gpg-agent[6431]: command get_passphrase failed: No pinentry gpg: problem with the agent: No pinentry
^^^^^^^^^^^ (pinentry-gtk-2:6432): Gtk-WARNING **: cannot open display: :0.0 pinentry-gtk cannot open a display. So you cannot enter your passphrase and everything fails. The issue seems to sit deeper than enigmail. Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2012-08-07 12:47, Wolfgang Rosenauer wrote:
Am 07.08.2012 12:40, schrieb Carlos E. R.:
I get this error when attempting to send and sign:
+++························ OpenPGP Alert
Send operation aborted.
Key 0xEB267D05 not found or not valid. The (sub-)key might have expired.
gpg command line and output: gpg No protocol specified xprop: unable to open display ':0.0' No protocol specified
(pinentry-gtk-2:6432): Gtk-WARNING **: cannot open display: :0.0 gpg-agent[6431]: can't connect to the PIN entry module: End of file gpg-agent[6431]: command get_passphrase failed: No pinentry gpg: problem with the agent: No pinentry ^^^^^^^^^^^ (pinentry-gtk-2:6432): Gtk-WARNING **: cannot open display: :0.0
But pinentry is indeed installed.
pinentry-gtk cannot open a display. So you cannot enter your passphrase and everything fails. The issue seems to sit deeper than enigmail.
Any idea how to solve that? I have tried to tell enigmail NOT to use the agent, to no avail. I see that there is no agent running in the session, even though the session properties specify that the gnome kyering: gpg agent is set to start. Gnome keyring is installed. When I start the session I see in the log +++························ Aug 7 12:44:53 bombadillo gnome-keyring-daemon[6828]: The GPG agent was already initialized Aug 7 12:44:53 bombadillo gnome-keyring-daemon[6828]: The SSH agent was already initialized Aug 7 12:44:53 bombadillo gnome-keyring-daemon[6828]: The PKCS#11 component was already initialized ························++- But "ps afxu | grep -i agent" shows only: +++························ cer@bombadillo:~> ps afxu | grep -i agent cer 7916 0.0 0.0 8048 856 pts/2 S+ 13:01 0:00 | \_ grep --color=auto -i agent cer 7083 0.0 0.0 181960 5536 ? Sl 12:44 0:00 /usr/lib/polkit-gnome-authentication-agent-1 cer@bombadillo:~> ························++- Much earlier I see (I have started the session several times): +++························ Aug 7 12:40:45 bombadillo gnome-keyring-daemon[5537]: unsupported key algorithm in certificate: 1.2.840.10045.2.1 Aug 7 12:40:45 gnome-keyring-daemon[5537]: last message repeated 4 times Aug 7 12:40:45 bombadillo gnome-keyring-daemon[5537]: couldn't parse certificate data Aug 7 12:40:45 bombadillo gnome-keyring-daemon[5537]: couldn't parse certificate(s): /etc/ssl/certs/README.RootCerts ························++- So maybe there is a certificate it does not like, but that daemon is running. -- Cheers / Saludos, Carlos E. R. (from 12.1 "Asparagus" GM (bombadillo)) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-08-07 13:08, Carlos E. R. wrote: It is working now, I do not know why. The only change I did was install "gpgme", which was not a requirement per dependencies - -- Cheers / Saludos, Carlos E. R. (from 12.1 "Asparagus" GM (bombadillo)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlAg+kUACgkQU92UU+smfQU6jQCghYALCY1Wcy9jKfknx49gbE2G AEAAoJQqE1WNT+vyW5xQbw2ulIxRQ0kB =1p+D -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-08-07 13:21, Carlos E. R. wrote:
On 2012-08-07 13:08, Carlos E. R. wrote:
It is working now, I do not know why. The only change I did was install "gpgme", which was not a requirement per dependencies
Now I have another problem: it never asks for the password again, the agent has no timeout. I hibernated the machine for 24 hours, and the agent still remembers the password. And I don't see where to configure that timeout. I think it might be done by "gnome-keyring-daemon", but I don't know how to control it. Curious... I have seahorse installed, but not seahorse-daemon :-? What is caching the passphrases, then? - -- Cheers / Saludos, Carlos E. R. (from 12.1 "Asparagus" GM (bombadillo)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlAi/OMACgkQU92UU+smfQVKfgCcDNEyur6FKPyT3xKDYnKRpKw3 xpQAn3mHuh3ZE2bLjv7h3Bxjwx7988hL =pSUW -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-08-09 01:57, Carlos E. R. wrote:
And I don't see where to configure that timeout.
Found it. I had to log-out, log-in, send a test email, and I got the prompt for the password. In the dialog, click on "details", and there were several options: it was set to not forget till log-out! That is a dangerous setting. - -- Cheers / Saludos, Carlos E. R. (from 12.1 "Asparagus" GM (bombadillo)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlAi//AACgkQU92UU+smfQVJ+wCfeRZ05zgGpXJQW2zzZHGarFrC 5d4An15EBdDnTGMSEU4+7dSM/JpnrEJ4 =4IDl -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (4)
-
Carlos E. R.
-
Carlos E. R.
-
Carlos E. R.
-
Wolfgang Rosenauer