[pkg-gnupg-maint] Bug#809278: gnupg2: Asks gpg-agent for secret key to every key in the database instead of trying default
Julian Andres Klode
jak at debian.org
Mon Dec 28 22:21:15 UTC 2015
On Mon, Dec 28, 2015 at 11:06:39PM +0100, Julian Andres Klode wrote:
> Package: gnupg2
> Version: 2.1.10-3
> Severity: important
>
> I first noticed this today. I have the default-key set to the key on my smart
> card, which is the only non-revoked private key in the keyring; but instead
> of trying to use it, gpg2 first asks the agent for every other key in the
> keyring if a private key exists, causing a __15__ second delay before the pin
> is requested from me.
>
> During DebConf I basically had the same issue, and setting the default-key
> as Werner Koch suggested fixed the issue back then, but now it is back.
>
> The logs are the usual tons of:
> gpg-agent[4355]: DBG: chan_4 <- HAVEKEY 5DF8BCA35EA1D66D5F52648DFC630FFFC065B087 781EB41B7C0D0EF13B9B395192625F446DB934F3
> gpg-agent[4355]: DBG: chan_4 -> ERR 67108881 No secret key <GPG Agent>
>
As I wrote on IRC, specifying -u makes it work. If I pass -v, I get
without -u:
gpg: using PGP trust model
gpg: key 0x021B361B6B031B00: accepted as trusted key
gpg: Note: signature key 0x3073424FEB356621 has been revoked
gpg: Note: signature key 0x922E32FA4E26A87D expired Sun 22 Nov 2009 12:46:42 CET
[...]
before finally reaching
gpg: using subkey 0xD73C39E56580B386 instead of primary key 0x021B361B6B031B00
If I pass -u, it reaches that step directly.
Configuration can be found at
https://github.com/julian-klode/dotfiles/tree/master/.gnupg
--
Julian Andres Klode - Debian Developer, Ubuntu Member
See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.
When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to (`inline'). Thank you.
More information about the pkg-gnupg-maint
mailing list