Since today my passphrase in Enigmail 1.8, gets rejected as invalid — so
I can't access my encrypted mails or send such anymore!
That passphrase is unchanged and correct: when I save an encrypted email
and decrypt it manually with gpg (version 1.4.15), it works.
Using gpg2 (version 2.0.20), the same dialog pops up as from Enigmail
and also fails. What's up here??
To my knowledge I haven't had changes in my system in the last days; I'm
not sure about Enigmail's automatic updates (its large icons are new to
me since the day before).
Using Linux Mint Debian Edition x64 w/ Mate desktop and TB 31.5.0.
-- Hans
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
On several machines, my Mate desktop had set in Start Programs as GPG-Passwort-Agent:
mate-keyring-daemon --start --components=gpg
which worked well until the 1.8 update.
I replaced this now by:
gpg-agent --daemon --enable-ssh-support --write-env-file "${HOME}/.gpg-agent-info"
Now Enigmail accepts my passphrase again (And gpg2 can decrypt a saved .eml again. But I did install gpg independent from and long before Enigmail — where is the connection here?).
But it does not cache the passphrase anymore: every time I click on an encrypted mail, the passphrase is asked for again. Unusable.
The passphrase dialog GUI is now titled »pinentry«, is now lacking the caching option checkboxes and does not recognize my settings in ~/.gnupg/gpg-agent.conf …
(BTW, I do NOT like the new big icons: one of my machines is a netbook with a 1024×600 screen where I don't want to waste any screen height!)
Hans
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Removed gpg-agent from Start Programs (and restarted desktop): no difference. Enigmail works, but the passphrase is not remembered.
Why doesn't gpg-agent recognize my settings in ~/.gnupg/gpg-agent.conf anymore?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Gnupg since 2.0.16 is able to start gpg-agent "on-the-fly" if needed. It should remain active afterwards, which is not the case at your installation. I don't know which program interferes here. Maybe you can find traces in your system log files. Perhaps enabled logging in gpg-agent can also provide insight.
Last edit: Ludwig Hügelschäfer 2015-03-30
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Re-enabled in Start Programs, now as
gpg-agent --daemon --enable-ssh-support --use-standard-socket
which seems to do it.
Well for me, but why? According to the man pages, --use-standard-socket is the default. And I don't see why that kept gpg-agent from "demonizing" - there was no such process active between pinentries, now it is.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Keep in mind that gpg-agent is part of GnuPG, not part of Enigmail.
While we're happy to help you how we can, the GnuPG mailing list will be
much better able to help you with this gpg-agent problem.
Since today my passphrase in Enigmail 1.8, gets rejected as invalid — so
I can't access my encrypted mails or send such anymore!
That passphrase is unchanged and correct: when I save an encrypted email
and decrypt it manually with gpg (version 1.4.15), it works.
Using gpg2 (version 2.0.20), the same dialog pops up as from Enigmail
and also fails. What's up here??
To my knowledge I haven't had changes in my system in the last days; I'm
not sure about Enigmail's automatic updates (its large icons are new to
me since the day before).
Using Linux Mint Debian Edition x64 w/ Mate desktop and TB 31.5.0.
-- Hans
Please follow the instructions on this page to solve issues with GnuPG 2.0 and password management: https://www.enigmail.net/support/gnupg2_issues.php
On several machines, my Mate desktop had set in Start Programs as GPG-Passwort-Agent:
mate-keyring-daemon --start --components=gpg
which worked well until the 1.8 update.
I replaced this now by:
gpg-agent --daemon --enable-ssh-support --write-env-file "${HOME}/.gpg-agent-info"
Now Enigmail accepts my passphrase again (And gpg2 can decrypt a saved .eml again. But I did install gpg independent from and long before Enigmail — where is the connection here?).
But it does not cache the passphrase anymore: every time I click on an encrypted mail, the passphrase is asked for again. Unusable.
The passphrase dialog GUI is now titled »pinentry«, is now lacking the caching option checkboxes and does not recognize my settings in ~/.gnupg/gpg-agent.conf …
(BTW, I do NOT like the new big icons: one of my machines is a netbook with a 1024×600 screen where I don't want to waste any screen height!)
Hans
The env-file you write to is most likely ignored by GnuPG.
As you're using GnuPG 2.0.20, I'd suggest you don't start any gpg-agent at startup, but leave it up to GnuPG to start the agent when needed.
Alternatively, you could try adding "--use-standard-socket" to the gpg-agent parameters.
For the icons: these are standard Thunderbird toolbar icons; you can move them up to the normal toolbar an/or hide the Enigmail toolbar completely.
Removed gpg-agent from Start Programs (and restarted desktop): no difference. Enigmail works, but the passphrase is not remembered.
Why doesn't gpg-agent recognize my settings in ~/.gnupg/gpg-agent.conf anymore?
Gnupg since 2.0.16 is able to start gpg-agent "on-the-fly" if needed. It should remain active afterwards, which is not the case at your installation. I don't know which program interferes here. Maybe you can find traces in your system log files. Perhaps enabled logging in gpg-agent can also provide insight.
Last edit: Ludwig Hügelschäfer 2015-03-30
Re-enabled in Start Programs, now as
gpg-agent --daemon --enable-ssh-support --use-standard-socket
which seems to do it.
Well for me, but why? According to the man pages, --use-standard-socket is the default. And I don't see why that kept gpg-agent from "demonizing" - there was no such process active between pinentries, now it is.
Keep in mind that gpg-agent is part of GnuPG, not part of Enigmail.
While we're happy to help you how we can, the GnuPG mailing list will be
much better able to help you with this gpg-agent problem.