[pkg-gnupg-maint] Bug#842015: Bug#842015: gnupg: gpg --no-tty freezes when there is no X display

Vincent Lefevre vincent at vinc17.net
Tue Oct 25 18:35:49 UTC 2016 

On 2016-10-25 13:19:13 -0400, Daniel Kahn Gillmor wrote:
> I'd like to learn more about what's going on that makes this freeze for
> you.  It's possible that it's talking to gpg-agent and gpg-agent isn't
> responding as fast as you'd like because it's invoking pinentry
> somewhere else...

This happened when I was at my lab and connected to my machine
at home, and I've just gone back home and was surprised to see
the dialog boxes (pinentry?) to type my passphrase.

I think that what happened is the following:

1. Start an X session locally on machine A.
   I suppose that this starts gpg-agent automatically (otherwise
   maybe an "emacs file.gpg" is needed too).

2. From machine B, do "ssh A" (without X forwarding).

3. From this ssh session, do "emacs file.gpg".

It seems that gpg connects to gpg-agent, which thinks that the
current screen is the one that corresponds to the X session,
which is obviously wrong. At least, gpg and gpg-agent shouldn't
assume that they have the same $DISPLAY in their environment.

Before I do anything else, can you reproduce the problem with
something like that?

> Are you using a forwarded agent or a local agent?

No forwarding agent, AFAIK (unless I'm not aware of one).

> what pinentry programs are available on the machine in question?
> which one is installed as the default?

zira:~> update-alternatives --display pinentry
pinentry - auto mode
  link best version is /usr/bin/pinentry-gnome3
  link currently points to /usr/bin/pinentry-gnome3
  link pinentry is /usr/bin/pinentry
  slave pinentry.1.gz is /usr/share/man/man1/pinentry.1.gz
/usr/bin/pinentry-curses - priority 50
  slave pinentry.1.gz: /usr/share/man/man1/pinentry-curses.1.gz
/usr/bin/pinentry-gnome3 - priority 90
  slave pinentry.1.gz: /usr/share/man/man1/pinentry-gnome3.1.gz
/usr/bin/pinentry-gtk-2 - priority 85
  slave pinentry.1.gz: /usr/share/man/man1/pinentry-gtk-2.1.gz

-- 
Vincent Lefèvre <vincent at vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

More information about the pkg-gnupg-maint mailing list