Continuous requests for passphrase (Ubuntu 14.10, TB 38.6, Enigmail 1.9, GPG 2)
OpenPGP addon for Mozilla Thunderbird
Brought to you by:
pbrunschwig
Menu
▾
▴
This is rather frustrating. A while ago, I had a problem where I was being asked for my passphrase every time. I'm not sure what I did to fix it, but it went away. Now, Enigmail has just told me I need to install GPG2. I installed it... and the problem is back! Every time I select an encrypted mail, I get a pinentry-gtk-2 popup. Furthermore, S/MIME signed messages seem not to be showing up at all. Not sure if that's related.
I am using Ubuntu 14.04 LTS. However, given that I had to mess around with my system's gpg-agent settings last time this happened in un-remembered ways, I have no idea whether my setup is normal or not.
gerv@hare:~$ cat ~/.gnupg/gpg-agent.conf
pinentry-program /usr/bin/pinentry-gtk-2
default-cache-ttl 86400
max-cache-ttl 86400
There are lots of conflicting bits of advice online. There's a whole entry in the FAQ about problems with GPG2 and gpg-agent. Great:
https://www.enigmail.net/index.php/en/faq?view=category&id=11#faqLink_2
Except that this all seems to be about errors I don't have.
After I reboot my machine, the following relevant things seem to be running:
gpg-agent --daemon --sh
/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1
gnome-keyring-daemon --start --components pkcs11,secrets
Is this right? Who knows? GPG2 is supposed to start gpg-agent automatically if it's not started, but if I kill this instance then decrypt something, it doesn't start another one. The FAQ suggests disabling gnome-keyring, but a) it doesn't say how to do it, pointing only to a page on askubuntu, which doesn't explain what the side effects of doing this are. What is gnome-keyring supposed to do for me? Am I going to lose the ability to remember ssh logins? Why does using enigmail require me to disable what seem like important bits of my system? No-one seems to want to explain.
It would be great if there was a page somewhere which explained how all these pieces were supposed to work together, step by step, with ways of verifying that each piece was working, so I could figure out where the problem was.
Happy to provide more info if it would help anyone help me :-)
Gerv
I imagine your problem is that gpg launches a new gpg-agent every time it requires a passphrase. The 1st thing I'd try is to add the following line to ~/.gnupg/gpg-agent.conf:
If this doesn't help, then check if the env var GPG_AGENT_INFO is set. It may point to a wrong location.
I'm not sure which parts should be started by gnome-keyring-daemon. The following article describes how to disable gnome-keyring for GnuPG: https://wiki.gnupg.org/GnomeKeyring
HTH
-Patrick
use-standard-socket seems to have worked. Thank you!