[opensuse] gpg error get_passphrase failed: Operation cancelled
Why do I get this error? It happens if I use "su - user" to switch to a different user and then try to decrypt a file. I am pretty sure it used to work. And it will work if I log in on the console as the different user. It should prompt for the passphrase in a window. gpg: CAST5 encrypted data gpg-agent[5394]: command get_passphrase failed: Operation cancelled gpg: cancelled by user gpg: encrypted with 1 passphrase gpg: decryption failed: No secret key I'm on 42.2 64 bit. gpg --version gpg (GnuPG) 2.0.24 libgcrypt 1.6.1 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2017-03-11 23:25, Richmond wrote:
Why do I get this error? It happens if I use "su - user" to switch to a different user and then try to decrypt a file. I am pretty sure it used to work. And it will work if I log in on the console as the different user. It should prompt for the passphrase in a window.
gpg: CAST5 encrypted data gpg-agent[5394]: command get_passphrase failed: Operation cancelled gpg: cancelled by user gpg: encrypted with 1 passphrase gpg: decryption failed: No secret key
I'm on 42.2 64 bit.
gpg --version gpg (GnuPG) 2.0.24 libgcrypt 1.6.1
But what desktop? It makes a difference. When you su to a user, no, you will not get a window prompting for the passphrase, because the desktop doesn't belong to that user. The gpg agent (which depends on the desktop and configuration used) does not act, it has not been started for the su-ed user. You should get the prompt for the user passphrase in the same terminal. -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" (Minas Tirith))
12.03.2017 01:38, Carlos E. R. пишет:
On 2017-03-11 23:25, Richmond wrote:
Why do I get this error? It happens if I use "su - user" to switch to a different user and then try to decrypt a file. I am pretty sure it used to work. And it will work if I log in on the console as the different user. It should prompt for the passphrase in a window.
gpg: CAST5 encrypted data gpg-agent[5394]: command get_passphrase failed: Operation cancelled gpg: cancelled by user gpg: encrypted with 1 passphrase gpg: decryption failed: No secret key
I'm on 42.2 64 bit.
gpg --version gpg (GnuPG) 2.0.24 libgcrypt 1.6.1
But what desktop? It makes a difference.
No.
When you su to a user, no, you will not get a window prompting for the passphrase, because the desktop doesn't belong to that user. The gpg agent (which depends on the desktop and configuration used) does not act, it has not been started for the su-ed user.
You should get the prompt for the user passphrase in the same terminal.
It tries but fails because it has no access to terminal: 3165 open("/dev/pts/0", O_RDONLY) = -1 EACCES (Permission denied) 3165 write(1, "ERR 83886179 canceled", 21) = 21 I wonder - did it ever work before?
Andrei Borzenkov wrote:
12.03.2017 01:38, Carlos E. R. пишет:
On 2017-03-11 23:25, Richmond wrote:
Why do I get this error? It happens if I use "su - user" to switch to a different user and then try to decrypt a file. I am pretty sure it used to work. And it will work if I log in on the console as the different user. It should prompt for the passphrase in a window.
gpg: CAST5 encrypted data gpg-agent[5394]: command get_passphrase failed: Operation cancelled gpg: cancelled by user gpg: encrypted with 1 passphrase gpg: decryption failed: No secret key
I'm on 42.2 64 bit.
gpg --version gpg (GnuPG) 2.0.24 libgcrypt 1.6.1 But what desktop? It makes a difference.
No.
When you su to a user, no, you will not get a window prompting for the passphrase, because the desktop doesn't belong to that user. The gpg agent (which depends on the desktop and configuration used) does not act, it has not been started for the su-ed user.
You should get the prompt for the user passphrase in the same terminal.
It tries but fails because it has no access to terminal:
3165 open("/dev/pts/0", O_RDONLY) = -1 EACCES (Permission denied) 3165 write(1, "ERR 83886179 canceled", 21) = 21
I wonder - did it ever work before?
I think it did. I have found a work-around which is instead of using su - user, I use ssh -Y user@localhost I have not yet tried installing the gtk-pinentry. Another of my systems is running Tumbleweed and I think I got it to work on there by using gpg --pintentry-mode=loopback But I can't find any such option in the version of gpg on 42.2. I think it should be possible to bypass any pinentry external programs and use gpg alone, as is possible on the console. I don't have a desktop installed, I am using xdm, xorg and ctwm window manager. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2017-03-12 06:56, Andrei Borzenkov wrote:
12.03.2017 01:38, Carlos E. R. пишет:
On 2017-03-11 23:25, Richmond wrote:
Why do I get this error? It happens if I use "su - user" to switch to a different user and then try to decrypt a file. I am pretty sure it used to work. And it will work if I log in on the console as the different user. It should prompt for the passphrase in a window.
gpg: CAST5 encrypted data gpg-agent[5394]: command get_passphrase failed: Operation cancelled gpg: cancelled by user gpg: encrypted with 1 passphrase gpg: decryption failed: No secret key
I'm on 42.2 64 bit.
gpg --version gpg (GnuPG) 2.0.24 libgcrypt 1.6.1
But what desktop? It makes a difference.
No.
Yes: gnome and xfce have no native agent any more. It is in the release notes. So it did not work for me after upgrade to 42.2 and had to ask for advice here.
I wonder - did it ever work before?
Yes, I have used "su -" and then needed to enter passphrases in the past. -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" (Minas Tirith))
12.03.2017 21:37, Carlos E. R. пишет:
On 2017-03-12 06:56, Andrei Borzenkov wrote:
12.03.2017 01:38, Carlos E. R. пишет:
On 2017-03-11 23:25, Richmond wrote:
Why do I get this error? It happens if I use "su - user" to switch to a different user and then try to decrypt a file. I am pretty sure it used to work. And it will work if I log in on the console as the different user. It should prompt for the passphrase in a window.
gpg: CAST5 encrypted data gpg-agent[5394]: command get_passphrase failed: Operation cancelled gpg: cancelled by user gpg: encrypted with 1 passphrase gpg: decryption failed: No secret key
I'm on 42.2 64 bit.
gpg --version gpg (GnuPG) 2.0.24 libgcrypt 1.6.1
But what desktop? It makes a difference.
No.
Yes: gnome and xfce have no native agent any more.
How agent (native or not) for different user is relevant here?
I wonder - did it ever work before?
Yes, I have used "su -" and then needed to enter passphrases in the past.
Well, I tested on 13.2 and it fails in exactly the same way, without any GUI involved (i.e su - user on tty).
On 2017-03-12 20:38, Andrei Borzenkov wrote:
12.03.2017 21:37, Carlos E. R. пишет:
On 2017-03-12 06:56, Andrei Borzenkov wrote:
12.03.2017 01:38, Carlos E. R. пишет:
On 2017-03-11 23:25, Richmond wrote:
Why do I get this error? It happens if I use "su - user" to switch to a different user and then try to decrypt a file. I am pretty sure it used to work. And it will work if I log in on the console as the different user. It should prompt for the passphrase in a window.
gpg: CAST5 encrypted data gpg-agent[5394]: command get_passphrase failed: Operation cancelled gpg: cancelled by user gpg: encrypted with 1 passphrase gpg: decryption failed: No secret key
I'm on 42.2 64 bit.
gpg --version gpg (GnuPG) 2.0.24 libgcrypt 1.6.1
But what desktop? It makes a difference.
No.
Yes: gnome and xfce have no native agent any more.
How agent (native or not) for different user is relevant here?
Because some times, like in my case, the lack of a working agent meant that I could not enter the passphrase at all in XFCE.
I wonder - did it ever work before?
Yes, I have used "su -" and then needed to enter passphrases in the past.
Well, I tested on 13.2 and it fails in exactly the same way, without any GUI involved (i.e su - user on tty).
I can confirm that as well, in 42.2. I tried in console. Logged as another user, then su-ed to my normal user, which is also running the XFCE session. I got the same error as the OP. I logged off, then instead did ssh-ed to the same user as before, and tried to sign an email to myself, in Pine. The screen went black with a window in the center asking for the passphrase. However, it is not the agent, because a second post asks again for the passphrase. This is not the purpose of an agent. -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" (Minas Tirith))
Carlos E. R. wrote:
Why do I get this error? It happens if I use "su - user" to switch to a different user and then try to decrypt a file. I am pretty sure it used to work. And it will work if I log in on the console as the different user. It should prompt for the passphrase in a window.
gpg: CAST5 encrypted data gpg-agent[5394]: command get_passphrase failed: Operation cancelled gpg: cancelled by user gpg: encrypted with 1 passphrase gpg: decryption failed: No secret key
I'm on 42.2 64 bit.
gpg --version gpg (GnuPG) 2.0.24 libgcrypt 1.6.1 But what desktop? It makes a difference. I am not using one, I am using ctwm, and xdm. When you su to a user, no, you will not get a window prompting for the
On 2017-03-11 23:25, Richmond wrote: passphrase, because the desktop doesn't belong to that user. The gpg agent (which depends on the desktop and configuration used) does not act, it has not been started for the su-ed user.
You should get the prompt for the user passphrase in the same terminal.
I didn't though. If I had I would have been happy. It did not prompt me at all, it just caused an error. It works on the console though, where there is no DOE. p.s. I have just discovered that quite a large proportion of this list has been going into my spam folder. :( -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2017-03-12 19:02, Richmond wrote:
Carlos E. R. wrote:
I'm on 42.2 64 bit.
gpg --version gpg (GnuPG) 2.0.24 libgcrypt 1.6.1 But what desktop? It makes a difference. I am not using one, I am using ctwm, and xdm.
Well, that also matters ;-)
When you su to a user, no, you will not get a window prompting for the passphrase, because the desktop doesn't belong to that user. The gpg agent (which depends on the desktop and configuration used) does not act, it has not been started for the su-ed user.
You should get the prompt for the user passphrase in the same terminal.
I didn't though. If I had I would have been happy. It did not prompt me at all, it just caused an error. It works on the console though, where there is no DOE.
Go into ~/.gnupg/ and disable the agent. File gpg.cong, comment out line "use-agent".
p.s. I have just discovered that quite a large proportion of this list has been going into my spam folder. :(
LOL :-) -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" (Minas Tirith))
Carlos E. R. wrote:
You should get the prompt for the user passphrase in the same terminal.
I didn't though. If I had I would have been happy. It did not prompt me at all, it just caused an error. It works on the console though, where there is no DOE. Go into ~/.gnupg/ and disable the agent. File gpg.cong, comment out line "use-agent". There is no mention of agent in that file. In the man page I find:
--use-agent --no-use-agent This is dummy option. gpg2 always requires the agent. This is crazy. Who writes this stuff? :) How did it use an agent on the console? Clearly it doesn't always require an agent. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2017-03-12 20:02, Richmond wrote:
Carlos E. R. wrote:
You should get the prompt for the user passphrase in the same terminal.
I didn't though. If I had I would have been happy. It did not prompt me at all, it just caused an error. It works on the console though, where there is no DOE. Go into ~/.gnupg/ and disable the agent. File gpg.cong, comment out line "use-agent". There is no mention of agent in that file. In the man page I find:
--use-agent
--no-use-agent This is dummy option. gpg2 always requires the agent.
Try "no-use-agent" in a line in the file. At worst, delete the agent. It does not work in console: if it did, the second time you would not get asked again for the password, and I do. -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" (Minas Tirith))
Carlos E. R. wrote:
On 2017-03-12 20:02, Richmond wrote:
Carlos E. R. wrote:
You should get the prompt for the user passphrase in the same terminal.
I didn't though. If I had I would have been happy. It did not prompt me at all, it just caused an error. It works on the console though, where there is no DOE. Go into ~/.gnupg/ and disable the agent. File gpg.cong, comment out line "use-agent". There is no mention of agent in that file. In the man page I find:
--use-agent
--no-use-agent This is dummy option. gpg2 always requires the agent. Try "no-use-agent" in a line in the file.
At worst, delete the agent. It does not work in console: if it did, the second time you would not get asked again for the password, and I do.
.gnupg/gpg.conf:197: obsolete option "--no-use-agent" - it has no effect I don't know how to delete the agent. I am not sure I even have one. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2017-03-12 20:55, Richmond wrote:
Carlos E. R. wrote:
Try "no-use-agent" in a line in the file.
At worst, delete the agent. It does not work in console: if it did, the second time you would not get asked again for the password, and I do.
.gnupg/gpg.conf:197: obsolete option "--no-use-agent" - it has no effect
I don't know how to delete the agent. I am not sure I even have one.
Yes, at least you have gpg-agent. -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" (Minas Tirith))
On 03/11/2017 04:25 PM, Richmond wrote:
Why do I get this error? It happens if I use "su - user" to switch to a different user and then try to decrypt a file. I am pretty sure it used to work. And it will work if I log in on the console as the different user. It should prompt for the passphrase in a window.
gpg: CAST5 encrypted data gpg-agent[5394]: command get_passphrase failed: Operation cancelled gpg: cancelled by user gpg: encrypted with 1 passphrase gpg: decryption failed: No secret key
I'm on 42.2 64 bit.
gpg --version gpg (GnuPG) 2.0.24 libgcrypt 1.6.1
$ sudo zypper in pinentry-gtk2 -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
12.03.2017 02:24, David C. Rankin пишет:
On 03/11/2017 04:25 PM, Richmond wrote:
Why do I get this error? It happens if I use "su - user" to switch to a different user and then try to decrypt a file. I am pretty sure it used to work. And it will work if I log in on the console as the different user. It should prompt for the passphrase in a window.
gpg: CAST5 encrypted data gpg-agent[5394]: command get_passphrase failed: Operation cancelled gpg: cancelled by user gpg: encrypted with 1 passphrase gpg: decryption failed: No secret key
I'm on 42.2 64 bit.
gpg --version gpg (GnuPG) 2.0.24 libgcrypt 1.6.1
$ sudo zypper in pinentry-gtk2
It won't be able to launch it; anyway, I can easily reproduce it while having this installed. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 03/11/2017 11:54 PM, Andrei Borzenkov wrote:
$ sudo zypper in pinentry-gtk2
It won't be able to launch it; anyway, I can easily reproduce it while having this installed.
Have you tried it? I ran into this exact same problem with Leap 42.2 and the only problem ended up being the lack of a pinentry package. I was not prompted in the terminal as I expected to be. -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (4)
-
Andrei Borzenkov
-
Carlos E. R.
-
David C. Rankin
-
Richmond