Pinentry problem with different home dir
I am trying to run GnuPG with a different home directory by setting the
environment variable GNUPGHOME. However, in that case, for instance when
trying to generate a key, I get the error

gpg: DBG: chan_4 <- ERR 67108949 No pinentry <GPG Agent>
gpg: agent_genkey failed: No pinentry
Key generation failed: No pinentry

I wonder what makes the difference. The only relevant files I found in
my normal home directory are those under ~/.gnupg. But there seems to be
no agent configuration file in that directory.

Can anyone give me advice on what I can try to get the GnuPG Agent
pinentry working with a different home directory specified via GNUPGHOME?

- Falko

--

*MTG AG*
Dr. Falko Strenzke
Executive System Architect

Phone: +49 6151 8000 24
E-Mail: falko.strenzke@mtg.de
Web: mtg.de <https://www.mtg.de>


------------------------------------------------------------------------

MTG AG - Dolivostr. 11 - 64293 Darmstadt, Germany
Commercial register: HRB 8901
Register Court: Amtsgericht Darmstadt
Management Board: Jürgen Ruf (CEO), Tamer Kemeröz
Chairman of the Supervisory Board: Dr. Thomas Milde

This email may contain confidential and/or privileged information. If
you are not the correct recipient or have received this email in error,
please inform the sender immediately and delete this email. Unauthorised
copying or distribution of this email is not permitted.

Data protection information: Privacy policy
<https://www.mtg.de/en/privacy-policy>
Re: Pinentry problem with different home dir
On Wed, 25 Oct 2023 13:01, Falko Strenzke said:

> Can anyone give me advice on what I can try to get the GnuPG Agent
> pinentry working with a different home directory specified via
> GNUPGHOME?

Run it this way:

mkdir /foo/bar
cd /foo/bar
GNUPGHOME=`pwd` gpg-agent --daemon ~/bin/gnupg-setup-tests

With gnupg-setup-tests being:
--8<---------------cut here---------------start------------->8---
#!/bin/sh

SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
export SSH_AUTH_SOCK
cat >setup-tests.ini <<'EOF'
PS1="$(echo "$PS1" | sed 's,\\\$ $,(GnuPGTest)\\\$ ,')"
export HISTCONTROL=ignoreboth
export HISTFILE=$(pwd)/.bash_history
EOF
exec bash --init-file setup-tests.ini
--8<---------------cut here---------------end--------------->8---

That is a pretty convenient setup and allows you to keep tests around and
easily switch to them.

The pinentry is searched at

$(gpgconf -L bindir)/pinentry

In case you have a special setup you may put a gpg-agent.conf into
$GNUPGHOME and use the pinentry-program option. "gpg -v" should show
which pinentry is launched; in case of problems, the gpg-agent.conf
should show/log an error.


Salam-Shalom,

Werner

--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
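
The setup described in the message above, as an added example that is not part of the original post or of GnuPG itself: shell functions that create a private GNUPGHOME, pick a pinentry (an explicit path, else the one under gpgconf's bindir, else the first on PATH), and record it with the pinentry-program option in that home's gpg-agent.conf. The function names and the fallback order are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: isolated GnuPG home with an explicit pinentry.
# Function names are hypothetical; only gpgconf and gpg-agent.conf are GnuPG's.

# Print a usable pinentry: $1 if given, else $(gpgconf bindir)/pinentry, else PATH.
find_pinentry() {
    if [ -n "${1:-}" ]; then
        [ -x "$1" ] && { printf '%s\n' "$1"; return 0; }
        return 1
    fi
    if command -v gpgconf >/dev/null 2>&1; then
        cand="$(gpgconf --list-dirs bindir 2>/dev/null)/pinentry"
        [ -x "$cand" ] && { printf '%s\n' "$cand"; return 0; }
    fi
    command -v pinentry 2>/dev/null
}

# Create home $1 with mode 0700 and pin the pinentry ($2, optional) in its
# gpg-agent.conf, keeping any other options already present in that file.
setup_gnupg_home() {
    home=$1
    pin=$(find_pinentry "${2:-}") || { echo "no pinentry found" >&2; return 1; }
    mkdir -p "$home" && chmod 700 "$home" || return 1
    conf=$home/gpg-agent.conf
    if [ -f "$conf" ]; then
        grep -v '^[[:space:]]*pinentry-program[[:space:]]' "$conf" >"$conf.tmp" || true
    else
        : >"$conf.tmp"
    fi
    printf 'pinentry-program %s\n' "$pin" >>"$conf.tmp"
    mv "$conf.tmp" "$conf"
    # An agent already running for this home re-reads the file on reload.
    if command -v gpgconf >/dev/null 2>&1; then
        gpgconf --homedir "$home" --reload gpg-agent >/dev/null 2>&1 || true
    fi
}

# Stop the agent and dirmngr that were started on the fly for home $1.
teardown_gnupg_home() {
    command -v gpgconf >/dev/null 2>&1 || return 0
    gpgconf --homedir "$1" --kill all >/dev/null 2>&1 || true
}

# Usage: setup_gnupg_home /foo/bar && GNUPGHOME=/foo/bar gpg --full-generate-key
```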
Re: Pinentry problem with different home dir
Werner Koch via Gnupg-users <gnupg-users@gnupg.org> wrote:
> On Wed, 25 Oct 2023 13:01, Falko Strenzke said:

>> Can anyone give me advice on what I can try to get the GnuPG Agent
>> pinentry working with a different home directory specified via
>> GNUPGHOME?

> Run it this way:

> mkdir /foo/bar
> cd /foo/bar
> GNUPGHOME=`pwd` gpg-agent --daemon ~/bin/gnupg-setup-tests

The gpg-agent dependency that came a few years ago has really been a PITA.

I would really like some way to tell GPG that it really needs to ignore all
of *my* (personal) setup, because I'm wearing a different personality now.
[like code signing]

> In case you have a special setup you may put a gpg-agent.conf into
> $GNUPGHOME and use the pinentry-program option. "gpg -v" should show
> which pinentry is launched; in case of problems, the gpg-agent.conf
> should show/log an error.

I guess I'd really like that to just happen with some --I-really-want-isolated-gnupg
option.

--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
Re: Pinentry problem with different home dir
On Wed, 25 Oct 2023 18:51, Michael Richardson said:

> The gpg-agent dependency that came a few years ago has really been a PITA.

a few years = 20 years [1]

> I would really like some way to tell GPG that it really needs to ignore all
> of *my* (personal) setup, because I'm wearing a different personality now.

Use a different home directory. Actually running
gpg --homedir /somewhere -s something
should be enough but the agent and dirmngr started on the fly won't be
killed until you rmdir /somewhere.

Or just use -u to select a different signing key. For example in
~/.gitconfig

--8<---------------cut here---------------start------------->8---
[user]
name = "Werner Koch"
email = "wk@gnupg.org"
signingkey = C1D34B69219E4AEEC0BA1C21E3FDFF218E45B72B
[commit]
gpgsign
--8<---------------cut here---------------end--------------->8---


Salam-Shalom,

Werner



[1] "Noteworthy changes in version 1.9.0 (2003-08-05)"

Re: Pinentry problem with different home dir
On Wednesday, 25 October 2023 13:01:39 CEST Falko Strenzke wrote:
> I am trying to run GnuPG with a different home directory by setting the
> environment variable GNUPGHOME. However, in that case, for instance when
> trying to generate a key, I get the error
>
> gpg: DBG: chan_4 <- ERR 67108949 No pinentry <GPG Agent>
> gpg: agent_genkey failed: No pinentry
> Key generation failed: No pinentry

I'm wondering why you have problems with something that I'm using almost daily
while working on Kleopatra. I do
GNUPGHOME=/somewhere gpg ...
or
GNUPGHOME=/somewhere kleopatra ...
all of the time.

I think you need to tell us the commands you are using. And the output of
`gpg --version`.

Regards,
Ingo
Re: Pinentry problem with different home dir
Hi Ingo,

actually I could solve the problem now by placing the gpg-agent.conf
with the specification of the pinentry program into the folder I specify
as GNUPGHOME. I still don't understand why this is necessary, as my
normal home directory doesn't contain this file. But it is working for
me now.

- Falko

Re: Pinentry problem with different home dir
Werner Koch via Gnupg-users wrote in
<87r0lhzxgu.fsf@jacob.g10code.de>:
|On Wed, 25 Oct 2023 18:51, Michael Richardson said:
...
|Use a different home directory. Actually running
| gpg --homedir /somewhere -s something
|should be enough but the agent and dirmngr started on the fly won't be
|killed until you rmdir /somewhere.

It would really be nice if one would be able to avoid those extras
for simple operations. It is one reason why i still use 1.4.23,
all those surroundings that i really do not need (unless i would
need them), and that get auto-started and are then laying around.

Other than that it just works here, with three different
homedirs (pgp with "mutilated" non-exportable etc. private key --
thanks again for this non-standard but super user helpful
possibility!, pgp-nosecrets with only the public key for
encryption, and then the usually non-available full thing).
Works for years without any issues at all.

|Or just use -u to select a different signing key. For example in
|~/.gitconfig
...
|[user]
| name = "Werner Koch"
| email = "wk@gnupg.org"
| signingkey = C1D34B69219E4AEEC0BA1C21E3FDFF218E45B72B

I did not know it even works with quotes. Never used quotes here.

--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)