Enigmail Private Passphrase Problems on Thunderbird + GPG4Win Windows 7

[Philipp R.]

Dear Support,
I tried to install both, enigmail and GPG4Win (version 2.3.0) on my PC to enable me to use PGP encrypted mail. Although I was able to generate a key and add other keys to my public keyring, I am not able to decrpyt messages mailed to me. As a test I sent an encrypted mail to myself and it fails to open the passphrase entering popup window. The same problem also prevents me from generating key revocation certificates or signing other public keys.
I assume the error is located in the gpg-agent, as it should handle the passphrase. It is running (thread visible in taskmanager), but it does not allow me to enter the passphrase.

Anyone have any ideas how to solve this problem?

Kind Regards,
Philipp

[Patrick Brunschwig]

Please try to reboot your PC and see if this help. gpg-agent sometimes does not succeed to run properly at the first try.

[Philipp R.]

Tried several reboots... No change.

Even tried reinstalling.... Also no change.

[Olav Seyfarth]

Hi Philipp, since there are dependencies and software layers, let's do it step by step.

First of all: make sure that there's really only one version of GnuPG installed on your system by searching your PATH (or drive(s)). It is possible to use multiple GnuPG versions alongside, but to drill down the issue, make sure you only have one.

If email encryption with Enigmail is your sole usage, then it's easiest to uninstall any GnuPG programs, search the drive and remove the remainders. Don't remove your keyring (in \User...) but only executables, libraries, etc (\Program Files...). Reboot. Then download and verify the has of GPG4win VANILLA (latest RELEASE version, so currently 2.3). Install it completely without fiddling with it's settings.

Now open a console (CMD.EXE), issue "gpg --version" and post the result here. Then, issue "echo test > test" and "gpg -aer YOUR-EMAIL-ADDRESS test". You should get a text file test.asc, verify that by "type test.asc", it should start with "-----BEGIN PGP MESSAGE-----". If so, you just encrypted "test" to yourself. That's how far you got already.

Now verify that your keys are accessible and valid: "gpg --list-secret-keys". You should see you key(s) there. Edit the (newest) key that carries the UID (email address) used above: "gpg --edit YOUR-EMAIL-ADDRESS". You should see "trust: ultimate, validity: ultimate". Otherwise, there's something broken or not set correctly in your keyring.

You should now be able to decrypt test.asc: "gpg -d test.asc". It should yield:
gpg: encrypted with ...
YOUR-EMAIL-ADDRESS
test

Please post what works and what doesn't. If only decryption does not work, please post the content "dir %APPDATA%\gnupg", "type %APPDATA%\gnupg\gpg.conf" and "type %APPDATA%\gnupg\gpg-agent.conf".

[Philipp R.]

Somehow during the decryption in the cmd shell I was asked for my passphrase which was not happening before. This was cached and allowed me to use it in Enigmail as well.
Thank you for your help! Now i will check whether the cache survives a reboot. ^.^

[Patrick Brunschwig]

It won't. The cache is in memory only.