[pkg-gnupg-maint] Bug#951025: gnupg: GPG tries to get passphrase from wrong place
matthew at wakeling.homeip.net
Sun Feb 9 23:27:39 GMT 2020
Justification: renders package unusable
I am logged into an XFCE session on my desktop computer, and that session is locked. I am now working on my laptop, which is at a remote location from my desktop computer, and I am logged into my desktop computer using ssh, without X forwarding.
When I try to unlock a private key using GPG on the ssh session, it contacts the gpg-agent program, which pops up a requester window for my passphrase on my desktop XFCE session. However, I am not at that computer, so I cannot provide it with a passphrase.
This makes it impossible for me to unlock the private key, without travelling to my desktop computer.
This has only become a problem since I upgraded my desktop computer from jessie to stretch, and therefore from gnupg1 to gnupg2.
The problem is that passphrase prompts now are centrally controlled, which fundamentally breaks the way that computers are used - you log in from various different places. The passphrase prompt must go to the session that caused the passphrase to be needed. Any other action is completely insane.
I note that it is not even possible to give gnupg2 an option to tell it not to use an agent.
I am justifying the severity marking of this bug report, because it does prevent gnupg working correctly in the majority of its use cases. If there is a nice simple on/off switch that makes it behave sanely that I have missed, then please downgrade the severity and document it.
-- System Information:
Debian Release: 9.12
APT prefers oldstable
APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-0.bpo.6-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages gnupg depends on:
ii gnupg-agent 2.1.18-8~deb9u4
ii libassuan0 2.4.3-2
ii libbz2-1.0 1.0.6-8.1
ii libc6 2.24-11+deb9u4
ii libgcrypt20 1.7.6-2+deb9u3
ii libgpg-error0 1.26-2
ii libksba8 1.3.5-2
ii libreadline7 7.0-3
ii libsqlite3-0 3.16.2-5+deb9u1
ii zlib1g 1:1.2.8.dfsg-5
Versions of packages gnupg recommends:
ii dirmngr 2.1.18-8~deb9u4
ii gnupg-l10n 2.1.18-8~deb9u4
Versions of packages gnupg suggests:
pn parcimonie <none>
pn xloadimage <none>
-- no debconf information
More information about the pkg-gnupg-maint