[pkg-gnupg-maint] Bug#839547: Bug#839547: gnupg: unable to decrypt file

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun Oct 2 15:02:26 UTC 2016 

Hi Paul--

On Sat 2016-10-01 16:16:39 -0700, Paul Rogé wrote:
>
>>   dpkg -l 'pinentry-*'
>
> pinentry-gnome3 0.9.7-5 amd64
> pinentry-gtk2 0.9.7-5 amd64
>
>>   dpkg -S $(readlink -f $(which pinentry))
>
> pinentry-gnome3: /usr/bin/pinentry-gnome3
>
>> are you running this from a graphical environment (e.g. in an Xterm or
>> something), from a virtual terminal, or somewhere else?
>> 
> I am running this from a graphical environment (rxvt-unicode [9.22-1+b1
> amd64]), but the same problem occurs from the console.
>
>> If you do have pinentry installed, does it show you a prompt if you run
>> it directly?
>
> This is what I get following your instructions:
>
> OK Pleased to meet you
> getpin
> D asd
> OK
> bye
> OK closing connection

great, this all sounds reasonable and correct, so pinentry is *not* the
problem here.

the next step for debugging might be to see what's going on with your
gpg-agent, which is where the secret key gets used.

Please try increasing the logging in gpg-agent and seeing if there's a
clue in there.  You can do this by adding the following lines to
~/.gnupg/gpg-agent.conf (note that you should replace the "1000" below
with whatever your user id number is):

    debug-level advanced
    debug-pinentry
    log-file /run/user/1000/gpg-agent.log

and then restarting the agent with this command:

    gpg-connect-agent reloadagent /bye

Then retry the decryption operation:

    gpg --decrypt file.gpg

and see what ends up in that log.  Feel free to send it to me privately
if you aren't sure if there's anything troubling in it, or to redact any
parts you don't want public (e.g. replace any string of
arbitrary-looking hexadecimal with XXXXXXXXXXX) and send it to this bug
report.

Thanks for bearing with this debugging process!

       --dkg


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 930 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20161002/068b806a/attachment.sig>

More information about the pkg-gnupg-maint mailing list