Enigmail / Forum / Enigmail Support: Cannot connect to gpg-agent

Peter Lucas - 2016-02-28

Hi there,

I am new to using Ubuntu/Linux systems and I've been trying to set up Enigmail with Thunderbird running on Ubuntu 15.10. I'm sure that this is a very simple problem to solve, but I have exactly 90 mins experience of working on this OS.

At the moment nothing seems to be working correctly. I have installed the Enigmail extension in Thunderbird and gone through the key creation process. The first hint that all is not well is when attempting to create a revocation certificate - Enigmail complains that a pass phrase was not entered but does not prompt for a passphrase. I believe that Enigmail is attempting to retrieve the passphrase from gpg-agent and failing.

In the preferences diaglogue, if I attempt to change the 'remember pass phrase for...' setting I get the error "Cannot connect to gpg-agent..." Thinking that there might be some sort of conflict with gnome-keyring I have disabled gnome-keyring in start up applications and restarted the machine. The same errors occur.

In the terminal, I can run gpg --list-keys and see the key that I created. If I type gpg-agent I get the message "no gpg-agent running in this session."

Can anyone provide some suggestions about what I should do next?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Ludwig Hügelschäfer - 2016-02-28

Hi, there are quite some reports with issues concerning the Gnome Keyring hindering gpg-agent to fulfil its tasks. Please check out our FAQ here: https://www.enigmail.net/index.php/en/faq?view=category&id=11#faqLink_2

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Olav Seyfarth - 2016-02-28

Here's how I solved the "gpg-agent" issue on Mint 17.3 Cinnamon (Ubuntu 14.04 based but should be the same in this respect). I also disable keyring for ssh since I prefer to use ssh-add.

(default install)
(install gnupg2)
mv /etc/xdg/autostart/gnome-keyring-gpg.desktop /etc/xdg/autostart/gnome-keyring-gpg.desktop.disabled
echo "use-agent" >>~/.gnupg/gpg.conf
(import your keys)
(reboot)

Note that you need a new session, thus either log out and back in or simply reboot.

Last edit: Olav Seyfarth 2016-03-03

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Tom Bradschetl - 2016-02-28
  
  (Comming from here) It’s not working for me, either.
  
  /etc/xdg/autostart/gnome-keyring-gpg.desktop
  
  ^ This file didn't exist in my installation. Instead I have
  
  $ ls /etc/xdg/autostart/gnome-keyring-* /etc/xdg/autostart/gnome-keyring-gpg.desktop-disable /etc/xdg/autostart/gnome-keyring-pkcs11.desktop /etc/xdg/autostart/gnome-keyring-secrets.desktop /etc/xdg/autostart/gnome-keyring-ssh.desktop.disabled
  
  Also gnupg-doc had no installation candidate, but that should be OK, shouldn't it?!
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Thanks, but the advice in the FAQ is to check pinentry, which I've done and it displays the hello world message outside of the terminal. The next step is to add a line to the .conf file. Except I can't because it's owned by root so I can't save changes in gedit and I don't know how to edit this file in the terminal.

I also tried the pkill -f .... but this had no effect.

I feel that I'm out of my depth here trying to get this to work!

You should have a ~/.gnupg/gpg-agent.conf, which should be "yours".

I added "pinentry-program /usr/bin/pinentry" here, and now it works - at least a bit: the password is not remembered anymore.

I had this experience using Lubuntu 15.10, where Enigmail 1.9 complained about pinentry; it differs from the behavior unter Lubuntu 15.4, where there was the gpg-agent issue.

After adding "use-standard-socket" in ~/.gnupg/gpg-agent.conf, it didn't work anymore, even not after again deleting "use-standard-socket" and logging out and in again.

Step 6 of https://enigmail.net/index.php/en/faq?view=category&id=14 shows the following error message:

gpg-agent[4827]: chan_6 -> ERR 67109139 Unbekanntes IPC Kommando <GPG Agent>

(unknown PIC command) and after entering my passphrase:

gpg-agent[4827]: chan_7 <- ERR 83886254 Unbekannte Option <Pinentry>

(unknown option) (several times).

I wonder whether I actally have to reboot?!

I will test and report

OK: Reboot helps, but so does "killall gpg-agent".

Still: Adding "use-standard-socket" in ~/.gnupg/gpg-agent.conf, pinentry does not work anymore.

With just

default-cache-ttl 600
max-cache-ttl 600
pinentry-program /usr/bin/pinentry

in ~/.gnupg/gpg-agent.conf, the passphrase will not be cached, which is really annoying.

Logged messages (with "gpg-agent --debug-level expert --use-standard-socket --daemon /bin/sh"):

gpg-agent --debug-level expert --use-standard-socket --daemon /bin/sh
gpg-agent[2185]: enabled debug flags: command cache assuan
gpg-agent[2185]: Es wird auf Socket `/home/u/.gnupg/S.gpg-agent' gehört
gpg-agent[2186]: gpg-agent (GnuPG) 2.0.28 started
$ gpg-agent[2186]: Handhabungsroutine 0x812f1730 für fd 6 gestartet
gpg-agent[2186]: chan_6 -> OK Pleased to meet you, process 2189
gpg-agent[2186]: chan_6 <- RESET
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION display=:0.0
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION xauthority=/home/user/.Xauthority
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION putenv=XMODIFIERS=@im=ibus
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION putenv=GTK_IM_MODULE=xim
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION putenv=DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-N4V7jzAeyQ
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION putenv=QT_IM_MODULE=ibus
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION allow-pinentry-notify
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- AGENT_ID
gpg-agent[2186]: chan_6 -> ERR 67109139 Unbekanntes IPC Kommando <GPG Agent>
gpg-agent[2186]: chan_6 <- GETINFO cmd_has_option GET_PASSPHRASE repeat
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- GET_PASSPHRASE --data --repeat=0 -- 6834495E4BD55B8B990FCC1A984A3A08F502B27B X X Sie+benötigen+eine+Passphrase,+um+den+geheimen+OpenPGP+Schlüssel+zu+entsperren.%0ABenutzer:+%22Matthias+Bergt+<XXX>%22%0A4096-bit+RSA+Schlüssel,+ID+FYYYY,+erzeugt+2012-12-22+(Hauptschlüssel-ID+ZZZ)%0A
gpg-agent[2186]: DBG: agent_get_cache `6834495E4BD55B8B990FCC1A984A3A08F502B27B'...
gpg-agent[2186]: DBG: ... miss
gpg-agent[2186]: starting a new PIN Entry
gpg-agent[2186]: chan_7 <- OK Pleased to meet you, process 2186
gpg-agent[2186]: DBG: connection to PIN entry established
gpg-agent[2186]: chan_7 -> OPTION grab
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> OPTION ttyname=/dev/pts/0
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> OPTION ttytype=xterm
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> OPTION allow-external-password-cache
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> OPTION default-ok=_OK
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> OPTION default-cancel=_Abbrechen
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> OPTION default-yes=_Ja
gpg-agent[2186]: chan_7 <- ERR 83886254 Unbekannte Option <Pinentry>
gpg-agent[2186]: chan_7 -> OPTION default-no=_Nein
gpg-agent[2186]: chan_7 <- ERR 83886254 Unbekannte Option <Pinentry>
gpg-agent[2186]: chan_7 -> OPTION default-prompt=PIN:
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> OPTION default-pwmngr=Im Passwordmanager _speichern
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> OPTION default-cf-visi=Möchten Sie die eingegebene Passphrase wirklich auf dem Bildschirm sichtbar machen?
gpg-agent[2186]: chan_7 <- ERR 83886254 Unbekannte Option <Pinentry>
gpg-agent[2186]: chan_7 -> OPTION default-tt-visi=Die Passphrase sichtbar machen
gpg-agent[2186]: chan_7 <- ERR 83886254 Unbekannte Option <Pinentry>
gpg-agent[2186]: chan_7 -> OPTION default-tt-hide=Passphrase unsichtbar machen
gpg-agent[2186]: chan_7 <- ERR 83886254 Unbekannte Option <Pinentry>
gpg-agent[2186]: chan_7 -> OPTION touch-file=/home/user/.gnupg/S.gpg-agent
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> GETINFO pid
gpg-agent[2186]: chan_7 <- D 2193
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_6 -> INQUIRE PINENTRY_LAUNCHED 2193
gpg-agent[2186]: chan_6 <- END
gpg-agent[2186]: chan_7 -> SETKEYINFO u/6834495E4BD55B8B990FCC1A984A3A08F502B27B
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> SETDESC Sie benötigen eine Passphrase, um den geheimen OpenPGP Schlüssel zu entsperren.%0ABenutzer: %22Matthias Bergt <X>%22%0A4096-bit RSA Schlüssel, ID YYY, erzeugt 2012-12-22 (Hauptschlüssel-ID ZZZ)%0A
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> SETPROMPT Passphrase
gpg-agent[2186]: chan_7 <- OK
gpg-agent[2186]: chan_7 -> [[Confidential data not shown]]
gpg-agent[2186]: chan_7 <- [[Confidential data not shown]]
gpg-agent[2186]: chan_7 <- [[Confidential data not shown]]
gpg-agent[2186]: chan_7 -> BYE
gpg-agent[2186]: DBG: agent_put_cache `6834495E4BD55B8B990FCC1A984A3A08F502B27B' requested ttl=0 mode=3
gpg-agent[2186]: chan_6 -> [[Confidential data not shown]]
gpg-agent[2186]: chan_6 -> [[Confidential data not shown]]
gpg-agent[2186]: chan_6 <- [eof]
gpg-agent[2186]: Handhabungsroutine 0x812f1730 für den fd 6 beendet
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für fd 7 gestartet
gpg-agent[2186]: chan_7 -> OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 <- OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 -> GETINFO pid
gpg-agent[2186]: chan_7 <- GETINFO pid
gpg-agent[2186]: chan_7 -> D 2186
gpg-agent[2186]: chan_7 -> OK
gpg-agent[2186]: chan_6 <- D 2186
gpg-agent[2186]: chan_6 <- OK
gpg-agent[2186]: chan_6 -> BYE
gpg-agent[2186]: chan_7 <- BYE
gpg-agent[2186]: chan_7 -> OK closing connection
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für den fd 7 beendet
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für fd 7 gestartet
gpg-agent[2186]: chan_7 -> OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 <- OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 -> GETINFO pid
gpg-agent[2186]: chan_7 <- GETINFO pid
gpg-agent[2186]: chan_7 -> D 2186
gpg-agent[2186]: chan_7 -> OK
gpg-agent[2186]: chan_6 <- D 2186
gpg-agent[2186]: chan_6 <- OK
gpg-agent[2186]: chan_6 -> BYE
gpg-agent[2186]: chan_7 <- BYE
gpg-agent[2186]: chan_7 -> OK closing connection
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für den fd 7 beendet
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für fd 7 gestartet
gpg-agent[2186]: chan_7 -> OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 <- OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 -> GETINFO pid
gpg-agent[2186]: chan_7 <- GETINFO pid
gpg-agent[2186]: chan_7 -> D 2186
gpg-agent[2186]: chan_7 -> OK
gpg-agent[2186]: chan_6 <- D 2186
gpg-agent[2186]: chan_6 <- OK
gpg-agent[2186]: chan_6 -> BYE
gpg-agent[2186]: chan_7 <- BYE
gpg-agent[2186]: chan_7 -> OK closing connection
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für den fd 7 beendet
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für fd 7 gestartet
gpg-agent[2186]: chan_7 -> OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 <- OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 -> GETINFO pid
gpg-agent[2186]: chan_7 <- GETINFO pid
gpg-agent[2186]: chan_7 -> D 2186
gpg-agent[2186]: chan_7 -> OK
gpg-agent[2186]: chan_6 <- D 2186
gpg-agent[2186]: chan_6 <- OK
gpg-agent[2186]: chan_6 -> BYE
gpg-agent[2186]: chan_7 <- BYE
gpg-agent[2186]: chan_7 -> OK closing connection
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für den fd 7 beendet
gpg-agent[2186]: Handhabungsroutine 0x812f1730 für fd 6 gestartet
gpg-agent[2186]: chan_6 -> OK Pleased to meet you, process 2254
gpg-agent[2186]: chan_6 <- RESET
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION ttyname=/dev/pts/3
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION ttytype=xterm
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION display=:0.0
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION xauthority=/home/user/.Xauthority
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION putenv=XMODIFIERS=@im=ibus
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION putenv=GTK_IM_MODULE=xim
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION putenv=DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-N4V7jzAeyQ
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION putenv=QT_IM_MODULE=ibus
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION lc-ctype=de_DE.UTF-8
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- OPTION lc-messages=de_DE.UTF-8
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- getinfo version
gpg-agent[2186]: chan_6 -> D 2.0.28
gpg-agent[2186]: chan_6 -> OK
gpg-agent[2186]: chan_6 <- [eof]
gpg-agent[2186]: Handhabungsroutine 0x812f1730 für den fd 6 beendet
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für fd 7 gestartet
gpg-agent[2186]: chan_7 -> OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 <- OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 -> GETINFO pid
gpg-agent[2186]: chan_7 <- GETINFO pid
gpg-agent[2186]: chan_7 -> D 2186
gpg-agent[2186]: chan_7 -> OK
gpg-agent[2186]: chan_6 <- D 2186
gpg-agent[2186]: chan_6 <- OK
gpg-agent[2186]: chan_6 -> BYE
gpg-agent[2186]: chan_7 <- BYE
gpg-agent[2186]: chan_7 -> OK closing connection
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für den fd 7 beendet
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für fd 7 gestartet
gpg-agent[2186]: chan_7 -> OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 <- OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 -> GETINFO pid
gpg-agent[2186]: chan_7 <- GETINFO pid
gpg-agent[2186]: chan_7 -> D 2186
gpg-agent[2186]: chan_7 -> OK
gpg-agent[2186]: chan_6 <- D 2186
gpg-agent[2186]: chan_6 <- OK
gpg-agent[2186]: chan_6 -> BYE
gpg-agent[2186]: chan_7 <- BYE
gpg-agent[2186]: chan_7 -> OK closing connection
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für den fd 7 beendet
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für fd 7 gestartet
gpg-agent[2186]: chan_7 -> OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 <- OK Pleased to meet you, process 2186
gpg-agent[2186]: chan_6 -> GETINFO pid
gpg-agent[2186]: chan_7 <- GETINFO pid
gpg-agent[2186]: chan_7 -> D 2186
gpg-agent[2186]: chan_7 -> OK
gpg-agent[2186]: chan_6 <- D 2186
gpg-agent[2186]: chan_6 <- OK
gpg-agent[2186]: chan_6 -> BYE
gpg-agent[2186]: chan_7 <- BYE
gpg-agent[2186]: chan_7 -> OK closing connection
gpg-agent[2186]: Handhabungsroutine 0x812f1ef0 für den fd 7 beendet
gpg-agent[2186]: Handhabungsroutine 0x812f1730 für fd 6 gestartet
gpg-agent[2186]: chan_6 -> OK Pleased to meet you, process 2282
gpg-agent[2186]: chan_6 <- BYE
gpg-agent[2186]: chan_6 -> OK closing connection
gpg-agent[2186]: Handhabungsroutine 0x812f1730 für den fd 6 beendet

"gpgconf --check-programs"
reports:

gpg:GPG for OpenPGP:/usr/bin/gpg2:1:1:
gpg-agent:GPG Agent:/usr/bin/gpg-agent:1:1:
gpgconf: Fehler bei Ausführung von `/usr/lib/gnupg2/scdaemon': wahrscheinlich nicht installiert
scdaemon:Smartcard Daemon:/usr/lib/gnupg2/scdaemon:0:0:
gpgconf: Fehler bei Ausführung von `/usr/bin/gpgsm': wahrscheinlich nicht installiert
gpgsm:GPG for S/MIME:/usr/bin/gpgsm:0:0:
gpgconf: Fehler bei Ausführung von `/usr/bin/dirmngr': wahrscheinlich nicht installiert
dirmngr:Directory Manager:/usr/bin/dirmngr:0:0:

Any ideas?

Ludwig Hügelschäfer - 2016-02-28

pinentry-program /usr/bin/pinentry

This one is probably not suited. Which pinentry variants do you have installed? pinentry-qt? pinentry-gtk?

Could you please try one of them?

Last edit: Ludwig Hügelschäfer 2016-02-28

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Matthias Bergt - 2016-02-28
  
  I changed the setting to pinentry-qt4 (-gtk is not installed) - no changes.
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
  - Matthias Bergt - 2016-02-28
    
    In addition, I tried:
    
    gpg-connect-agent <<EOT GET_CONFIRMATION Hello EOT
    
    and got:
    
    gpg-connect-agent: can't connect to the agent: IPC "connect" Aufruf fehlgeschlagen
    
    which seems to refer to the IPC problem I already mentioned.
    
    Last edit: Matthias Bergt 2016-02-28
    
    If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
    - Ludwig Hügelschäfer - 2016-02-28
      
      If you still have "use-standard-socket" active, try disabling it.
      
      If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
      - Matthias Bergt - 2016-02-28
        
        No, with "use-standard-socket", it doesn't work at all.
        
        If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
  - Olav Seyfarth - 2016-02-28
    
    If you play with parameters in gpg-agent.conf, make sure to logout/login before you test.
    
    If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
    - Matthias Bergt - 2016-02-28
      
      Log out & in again was not enough - I either had to reboot or killall gpg-agent.
      
      If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Olav Seyfarth - 2016-02-28

scdaemon?

If you actually USE a SmartCard (OpenPGP SmartCard 2.0 / NitroKey / YubiKey Neo / ...), there are quite some further hurdles (different thread, please).

Last edit: Olav Seyfarth 2016-02-28

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Matthias Bergt - 2016-02-28
  
  I don't use a smartcard, that's just the output of "gpgconf --check-programs". Or does it mean something that scdeamon appears there? Then I would apreciate a hint where to fix this.
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
  - Ludwig Hügelschäfer - 2016-02-28
    
    No, scdaemon is a standard component of GnuPG 2.
    
    If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Olav Seyfarth - 2016-02-28

Call me and I'll give you a kickstart. Report your lessons learned here afterwards.

<--

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Cannot connect to gpg-agent

OpenPGP addon for Mozilla Thunderbird

Forums

Help

Cannot connect to gpg-agent

Cannot connect to gpg-agent

OpenPGP addon for Mozilla Thunderbird

Forums

Help

Cannot connect to gpg-agent document.SUBSCRIPTION_OPTIONS = { "thing": "topic", "subscribed": false, "url": "subscribe", "icon": { "css": "fa fa-envelope-o" } };

Cannot connect to gpg-agent