GPG-AGENT "ignoring" pinentry program? wrong pinentry app for ssh-keys

Hi!
I am using gpg-agent to handle my gpg keys and wanted it to handle my ssh keys too, since it is running anyway.
It works perfectly fine with gpg keys; my pinentry program is pinentry-qt4, and upon request that window pops up for me to enter my passphrase.
As window manager I use awesome wm.
However, when I try to use my ssh key, e.g. for github, no pinentry program pops up and in xterm it looks like:
[me@mybox dotfiles]$ git push origin master
It seems that it is waiting for my passphrase input, but it isn't asking for it. Neither does it accept it.
When I quit my WM, I see that it executed the pinentry program directly in my tty1, to which I do not have access while running my WM.
My gpg-agent.conf:
me@mybox ~/.gnupg> cat gpg-agent.conf
default-cache-ttl 300
max-cache-ttl 7200
pinentry-program /usr/bin/pinentry-qt4
How do I get gpg-agent to respect my pinentry choice for my ssh keys as well?
Thanks for your time!

I use this
$ cat /etc/kde/env/gpg-agent-startup.sh
#!/bin/sh
# see https://wiki.archlinux.org/index.php/SSH_Keys
GPG_AGENT=/usr/bin/gpg-agent
## Run gpg-agent only if not already running, and available
if [ -x "${GPG_AGENT}" ] ; then
    # check validity of GPG_SOCKET (in case of session crash)
    GPG_AGENT_INFO_FILE=${HOME}/.gpg-agent-info
    if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
        # GPG_AGENT_INFO has the form <socket>:<pid>:<protocol>
        GPG_AGENT_PID=`cat "${GPG_AGENT_INFO_FILE}" | grep GPG_AGENT_INFO | cut -f2 -d:`
        # empty if that PID no longer exists
        GPG_PID_NAME=`cat /proc/${GPG_AGENT_PID}/comm 2>/dev/null`
        if [ ! "x${GPG_PID_NAME}" = "xgpg-agent" ]; then
            # recorded PID is not a gpg-agent: the info file is stale
            rm -f "${GPG_AGENT_INFO_FILE}" >/dev/null 2>&1
        else
            GPG_SOCKET=`cat "${GPG_AGENT_INFO_FILE}" | grep GPG_AGENT_INFO | cut -f1 -d: | cut -f2 -d=`
            # the socket must exist and be owned by this user
            if ! test -S "${GPG_SOCKET}" -a -O "${GPG_SOCKET}" ; then
                rm -f "${GPG_AGENT_INFO_FILE}" >/dev/null 2>&1
            fi
        fi
        unset GPG_AGENT_PID GPG_SOCKET GPG_PID_NAME SSH_AUTH_SOCK
    fi
    if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
        # reuse the running agent: load its variables and export them
        eval "$(cat "${GPG_AGENT_INFO_FILE}")"
        eval "$(cut -d= -f 1 "${GPG_AGENT_INFO_FILE}" | xargs echo export)"
        export GPG_TTY=$(tty)
    else
        # no usable agent: start one with ssh support and the Qt pinentry
        eval "$(${GPG_AGENT} -s --enable-ssh-support --daemon --pinentry-program /usr/bin/pinentry-qt4 --write-env-file)"
    fi
fi
I think I could probably use the /etc/profile.d location but when I first set it up, kde was already running gpg-agent so I adapted its file. Later, I uninstalled the thing which does that in kde and just kept my own customised version.
Are you sure that your xinitrc isn't starting a second gpg-agent?
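
The question the reply ends on (is a second gpg-agent running, and is ssh pointed at the one you configured?) can be checked mechanically. The script below is an added example, not part of either post; it assumes the three-line env file that `--write-env-file` produces for the scripts above, and the finding names (`multiple-agents`, `stale-env-file`, `socket-mismatch`) plus the sample PIDs and socket paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: checks whether ssh is pointed at the gpg-agent you configured.
# Inputs are files so the logic can be exercised offline; live_check feeds real data.

# PID field of "GPG_AGENT_INFO=<socket>:<pid>:<proto>" in an env file.
agent_pid_from_env() {
    sed -n 's/^GPG_AGENT_INFO=[^:]*:\([0-9][0-9]*\):.*/\1/p' "$1" | head -n 1
}

# Socket path from "SSH_AUTH_SOCK=<path>" in an env file.
ssh_sock_from_env() {
    sed -n 's/^SSH_AUTH_SOCK=\([^;]*\).*/\1/p' "$1" | head -n 1
}

# Number of gpg-agent rows in a "pid comm" process listing.
count_agents() {
    awk '$2 == "gpg-agent" { n++ } END { print n + 0 }' "$1"
}

# diagnose ENV_FILE PS_FILE CURRENT_SSH_AUTH_SOCK
# Prints one finding per line (names are this example's own), or "ok".
diagnose() {
    d_pid=$(agent_pid_from_env "$1")
    d_sock=$(ssh_sock_from_env "$1")
    d_found=0
    # More than one agent for this user: ssh and gpg may be talking to different ones.
    if [ "$(count_agents "$2")" -gt 1 ]; then
        echo "multiple-agents"; d_found=1
    fi
    # The PID recorded in the env file is not a running gpg-agent.
    if [ -z "$d_pid" ] || ! awk -v p="$d_pid" \
        '$1 == p && $2 == "gpg-agent" { ok = 1 } END { exit !ok }' "$2"; then
        echo "stale-env-file"; d_found=1
    fi
    # This shell's ssh would use a different socket than the recorded one.
    if [ "$3" != "$d_sock" ]; then
        echo "socket-mismatch"; d_found=1
    fi
    [ "$d_found" -eq 1 ] || echo "ok"
}

# Run against the real session (env file path as used in the reply's script).
live_check() {
    l_ps=$(mktemp) || return 1
    ps -u "$(id -u)" -o pid= -o comm= > "$l_ps"
    diagnose "${HOME}/.gpg-agent-info" "$l_ps" "${SSH_AUTH_SOCK:-}"
    rm -f "$l_ps"
}

# Constructed sample: two agents running, shell exported a third socket path.
demo() {
    t=$(mktemp -d) || return 1
    printf '%s\n' 'GPG_AGENT_INFO=/tmp/gpg-AAAAAA/S.gpg-agent:4242:1' \
        'SSH_AUTH_SOCK=/tmp/gpg-BBBBBB/S.gpg-agent.ssh' \
        'SSH_AGENT_PID=4242' > "$t/env"
    printf '%s\n' ' 4242 gpg-agent' ' 5150 gpg-agent' ' 5200 xterm' > "$t/ps"
    diagnose "$t/env" "$t/ps" /tmp/gpg-CCCCCC/S.gpg-agent.ssh
    rm -rf "$t"
}
demo
```

Call `live_check` from the terminal where ssh misbehaves; any finding other than `ok` means the session's variables and the recorded agent disagree.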

Similar Messages

  • How do I design/program a simple app for an iPad?

    Hi, I don't even know where to start.
    What program is used to design apps for iPads?
    The app in mind is a simple application with my videos and the user is able to select which video they want to watch by picking it. I would also want the app to be locked so that the user cannot wander freely around the iPad.
    Thanks in advance!

    empipergear wrote:
    Hi, I don't even know where to start.
    http://developer.apple.com

  • HT4098 I can't get iTunes to work, I enter my confirmation number I got from racecar engineering mag in the special offer/code box and they say it is wrong, the app for that mag says it's free, I want to read my magazine, help

    I purchased racecar engineering mag, I downloaded iTunes, installed it, got an Apple ID. When I go to download the app so I can read my mag, when I go to enter the confirmation code I got from the people that sold me the subscription, chelsamags/pixel mags, iTunes says it doesn't work

    Or read the manual.
    The User Guide is available at http://support.apple.com/manuals/ or downloadable from iTunes as an iBook.

  • [SOLVED] a problem with gpg-agent and ssh keys

    I'm baffled by a strange problem:
    My setup is as follows: I use gpg-agent with --enable-ssh-support, so that my ssh keys are handled by it. All was fine (when I ssh'ed to another machine, a pinentry window popped up, asked for a password, and if I entered the correct one, gpg-agent would decrypt its copy of my private ssh key and use it for identification). But: I needed to change my ssh key, and so I generated a new one. Next, I ssh-add'ed it to gpg-agent (one password to decrypt the private key, then twice another password for gpg-agent). I uploaded the public key to a server. The setup should be complete.
    The problem is that when I ssh to a machine, a pinentry window comes up, but it does not accept my password (the one that I entered twice when ssh-add'ing the key). I tried adding with various different passwords (always deleting ~/.gnupg/private-keys-v1.d/*, since 'ssh-add -d ~/.ssh/id_rsa.pub' would not work for some reason - it would not make gpg-agent forget the key), different pinentry programs ( -qt4, -gtk-2, -curses), and still the same problems. Pinentry itself seems to work fine, since if I enter two different things when it asks for a new passphrase for the key, it detects that there's a problem.
    So, can anyone help? What could I try (please don't post just to say that I could/should use ssh-agent, or keychain, or anything else. I have used various things, and I like this setup the most. It worked before, and I would like to find out why it stopped working and how to get it back to speed.)
    Thanks.
    Last edited by bender02 (2010-02-15 09:52:54)

    That's a known bug with the new gpg version.
    http://lists.gnupg.org/pipermail/gnupg- … 38045.html
    You could use an older version of gpg or use a development version.

  • [SOLVED] gpg-agent and the magical passphrase

    Hey fellas,
    I encountered a strange problem. I just copied my gpg and my ssh keys to my laptop
    to use them with gpg-agent.
    So I setup gpg-agent as described in the wiki, did a ssh-add, entered my ssh-key and
    specified a new passphrase (test). "ssh-add -l" looked good, but ...
    After that I tried to ssh to some of my servers, gpg-agent asked for the passphrase, but it seemed I mistyped "test" .... mistyped it again .... and so on, I tried every fuckin password I got, re-added the key etc.
    But nothing helped, even the debug-level guru wasn't helpful.
    What could be wrong?
    Best regards,
    b52
    Last edited by b52 (2010-02-15 14:55:04)

    I've got the same problem.
    Tried a lot but nothing worked it out.
    ssh-add asks for the passphrase of the key and after this for the passphrase for the keyring through my pinentry program.
    But after re-entering the passphrase it won't work.
    Seems to be a bug !?
    (PS: I am using Gentoo)

  • Good chroma keying app for ipod 4g?

    Does anyone know of a good app for chroma keying (or green screening) on the iPod touch 4g? I have seen like ten or so, but was wondering if anyone here has used one that they really like?
    Also if anyone knows of a good video editing app for iOS? I was really disappointed in iMovie, I knew it wouldn't be like the Mac version, but no editing of background music, no choosing your own transition just using the same transition for the whole video, and same w/ text!

    Any ideas?

  • Help with gpg-agent, ssh, and pinentry-curses

    I use gpg-agent to manage my ssh keys, and for a system that I regularly ssh into, I would like to use pinentry-curses instead of the default pinentry-gtk-2. However, this doesn't work.
    Specifically, I start gpg-agent using script from the arch wiki, /etc/profile.d/gpg-agent.sh:
    if [ $EUID -ne 0 ] ; then
        envfile="$HOME/.gnupg/gpg-agent.env"
        if [[ -e "$envfile" ]] && kill -0 $(grep GPG_AGENT_INFO "$envfile" | cut -d: -f 2) 2>/dev/null; then
            eval "$(cat "$envfile")"
        else
            eval "$(gpg-agent --daemon --enable-ssh-support --write-env-file "$envfile")"
        fi
        export GPG_AGENT_INFO # the env file does not contain the export statement
        export SSH_AUTH_SOCK # enable gpg-agent for ssh
    fi
    and have the following config files
    ~/.gnupg/gpg-agent.conf:
    # Keyboard control
    no-grab
    # PIN entry program
    pinentry-program /usr/bin/pinentry-curses
    #pinentry-program /usr/bin/pinentry-qt4
    #pinentry-program /usr/bin/pinentry-kwallet
    #pinentry-program /usr/bin/pinentry-gtk-2
    ~/.gnupg/gpg.conf:
    use-agent
    ~/.bashrc:
    GPG_TTY=$(tty)
    export GPG_TTY
    Whenever I attempt to ssh using the key that's already been added to gpg-agent, I get the following message:
    Agent admitted failure to sign using the key.
    Permission denied (public key).
    If I change my ~/.gnupg/gpg-agent.conf file to the following:
    # Keyboard control
    #no-grab
    # PIN entry program
    #pinentry-program /usr/bin/pinentry-curses
    #pinentry-program /usr/bin/pinentry-qt4
    #pinentry-program /usr/bin/pinentry-kwallet
    pinentry-program /usr/bin/pinentry-gtk-2
    then everything works fine, and I'm prompted for my passphrase when using ssh.
    I've read posts having to do with a similar issue:
    https://bbs.archlinux.org/viewtopic.php?id=138546
    https://bugs.archlinux.org/task/29156
    It looks like the difference between those and my issue is that I'm using ssh, not just gpg, and I'm not using su. In fact, if I have pinentry-curses set in gpg-agent.conf, and I try to use gpg to encrypt and decrypt a file, everything works fine. The file encrypts, and when decrypting, I am prompted by pinentry-curses for my passphrase. It's just ssh combined with pinentry-curses that gives me troubles.

    I think it actually is the tty capability bug that's biting you...try adding '--without-libcap' to the pinentry-curses PKGBUILD from ABS (/var/abs/core/pinentry/) and rebuilding the package.
    Scott

  • Gpg-agent with systemd

    Hey!
    I am a novice Arch user and I am having problems with the latest gpg distribution when used with systemd and ssh-support. Currently, I am using i3 with lightdm, and I am using systemd to start gpg-agent with ssh support. Specifically, I have the following gpg-agent.service file in my ${HOME}/.config/systemd/user/ directory:
    [Unit]
    Description=gpg-agent Daemon with SSH Support
    [Service]
    Type=forking
    ExecStart=/usr/bin/gpg-agent --quiet --daemon --enable-ssh-support
    Restart=on-success
    [Install]
    WantedBy=default.target
    which is expected to restart when exited properly and/or due to a signal. When I enable and start the service with systemctl --user prefix, it works as it is supposed to be. I have the following gpg-agent.conf file:
    default-cache-ttl 600
    default-cache-ttl-ssh 3600
    max-cache-ttl 7200
    max-cache-ttl-ssh 7200
    enforce-passphrase-constraints
    min-passphrase-len 10
    min-passphrase-nonalpha 4
    max-passphrase-days 180
    pinentry-program /usr/bin/pinentry-curses
    and the following excerpt in my .zshrc:
    # GPG configuration
    # Check for the gpg-agent socket, and set SSH_AUTH_SOCK and GPG_TTY
    # environment variables accordingly:
    if [[ -S "${HOME}/.gnupg/S.gpg-agent.ssh" ]]; then
        export GPG_TTY=$(tty)
        if [[ ${SSH_AUTH_SOCK} != "${HOME}/.gnupg/S.gpg-agent.ssh" ]]; then
            export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent.ssh"
        fi
    fi
    The problem is, everything is working properly except for one thing: "When I want to ssh to my server, I get an 'Agent admitted failure to sign using the key' error." I mean, the environment variables seem to be fine when I fire up a zsh session (terminal emulator) and/or everything seems ok when I issue systemctl --user status gpg-agent, but I cannot ssh to my server using my gpg-key. However, when I stop the systemd unit and just issue eval $(gpg-agent --quiet --daemon --enable-ssh-support) in a new terminal emulator, ssh works fine. In both of the aforementioned versions, when I issue gpg --clearsign some_file.txt command, I am asked in the terminal emulator for my password (I suppose in the so called curses pinentry program).
    I thank you in advance for your time, and appreciate any suggestions. Best,

    You might need to make a script to start it. Like "/usr/local/bin/gpg-agent-daemon.zsh"
    then in that file have:
    #!/usr/bin/zsh
    gpg-agent --quiet --daemon --enable-ssh-support --write-env-file "${HOME}/.gpg-agent-info"
    And do chmod +x
    And in your gpg-agent.service file:
    [Service]
    Type=forking
    ExecStart=/usr/local/bin/gpg-agent-daemon.zsh
    <...>
    And then in $ZDOTDIR/.zprofile
    # GPG configuration
    # Check for the gpg-agent socket, and set SSH_AUTH_SOCK and GPG_TTY
    # environment variables accordingly:
    if [[ -S "${HOME}/.gnupg/S.gpg-agent.ssh" ]]; then
        export GPG_TTY=$(tty)
        export GPG_TTY
        if [[ ${SSH_AUTH_SOCK} != "${HOME}/.gnupg/S.gpg-agent.ssh" ]]; then
            export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent.ssh"
        fi
        if [ -f "${HOME}/.gpg-agent-info" ]; then
            . "${HOME}/.gpg-agent-info"
            export GPG_AGENT_INFO
        fi
    fi

  • [SOLVED] Thunderbird & Enigmail: Using gpg-agent to cache key

    Hi,
    I set up Thunderbird with Enigmail to encrypt my emails.
    However, I do not want to enter my password EVERY TIME I want to read an encrypted email. A quick tab change etc. gets annoying, so I wanted to set up a timeout of 10min.
    Also, I want to use gpg-agent for that (unless there are by far better options), as I could also manage my SSH keys with that (haven't looked into it yet, though)
    What I have done:
    - Installed TB & Enigmail, generated keypair, uploaded to keyserver, tried it with a friend (works)
    - Added gpg-agent startup script to xinitrc, verified that it runs on X startup (also writes env file so it will only run once, even if X is started multiple times)
    - In enigmail settings selected to use gpg-agent
    - Checked gpg-agent cache timeout (set to 300sec (default-cache-ttl))
    Problem:
    Thunderbird/Enigmail still prompts for my passphrase every time I want to view an encrypted email, even when I quickly switch tabs..
    I would really appreciate some pointing into the right direction/help on how to ideally solve this problem.
    Thanks for your time
    Last edited by replax (2013-07-31 09:04:03)

    I guess you mean: OpenPGP->Preferences->Passphrase Settings
    These settings do not apply because it only works when the passphrase handling is done by enigmail/TB. It also gives you a warning, that, if you use gpg 2.0 or later you have to use gpg-agent for passphrase handling and have to set the cache time in the agent itself somehow.
    EDIT: Seems to have gotten it to work, I simply added a pinentry-program to the gpg-agent.conf (qt4 version). Strange though, as it should use the gtk entry program by default....
    Is this a feature or a bug? Or is it special in the arch package, e.g. compiled with no default or something like that?

  • Kmail and gpg-agent

    As we now have gpg-agent in the repos, I just wondered why kmail does not work with it.
    I did everything from http://kmail.kde.org/kmail-pgpmime-howto.html
    but still kmail is opening the dialogue to type the passphrase and kgpg is complaining now this:
    I'm starting gpg-agent from ~/.xinitrc with this line:
    gpg-agent --daemon
    and
    [damir@Asteraceae ~]$ ps -e | grep gpg-agent
    6628 ? 00:00:00 gpg-agent
    Thanks in advance for any help

    tpowa wrote: strange, you also did that pinentry stuff?
    I have
    pinentry-program /usr/bin/pinentry-qt
    in ~/.gnupg/gpg-agent.conf, if you mean that ... maybe there are some other things to do?
    tpowa wrote: I didn't test the functionality of gpg
    can someone do some research on that
    kde 3.3.2 is round the corner, would be great if it works till then
    Yeah, that would be nice ...
    Well, without the gpg-agent (the classical way), gpg works fine, but it is not really cool having to type a long passphrase each time you send a signed email (especially if you write lots of emails to lots of different people per day)
    Here is the dialogue I always get when I want to send an email (in kde 3.3.x the gpg-agent lines are new, but the dialogue itself is old (since 3.1.4 working fine the classical way))

  • Loop-aes/mount with gpg-agent

    Hey,
    this is not really an Arch related problem, but as this is the only forum I'm using, I'll try it here. The system I'm testing on is Debian etch. loop-aes and gpg-agent alone work fine, when I decrypt data with gpg, pinentry is called and gpg-agent stores the passphrase. I can encrypt/decrypt partitions with loop-aes using a keyfile etc. Now the problem: to decrypt encrypted partitions I want to use a keyfile which is encrypted with gpg. The fstab entry is like this:
    /dev/hda10 /yyy ext3 defaults,loop=/dev/loop4,encryption=AES128,gpgkey=/root/key.asc 0 0
    When I now mount /yyy, the system asks for the passphrase, but not with pinentry. So gpg-agent doesn't store the passphrase. Any ideas?

  • How to add javaprocedure as Concurrent program in oracle apps environment.

    Hello everyone,
    Please accept my apology if I am asking this question in the wrong forum, and guide me to the correct forum.
    I have a javaprocedure. Now I need to register it as a concurrent program in R11 apps env.
    So, for the executable name I have a confusion: should I give the function name or the java class name?
    Can anyone who registered a javaprocedure in the apps environment give some idea please.

    java class name (case sensitive)
    How to register and execute Java Concurrent Program ?in Oracle Applications R11i ? [ID 186301.1]
    How To Create a Java Concurrent Program? [ID 827563.1]

  • I just bought an iTunes card and it's not accepting it.  I already sent it to the support team and they said they were going to get back to me within 24 hours and I am trying to buy a program in the app store for work.  How can I expedite this process?

    I just bought an iTunes card and it's not accepting it.  I already sent it to the support team and they said they were going to get back to me within 24 hours and I am trying to buy a program in the app store for work.  How can I expedite this process?

    Has it been 24 hours?
    I take it this was a gift card.  iTunes Store:  Invalid, Inactive, or Illegible codes http://support.apple.com/kb/TS1292 - gift cards
    I don't know if this provides an alternative means: https://expresslane.apple.com ; select 'iTunes' in the first column; 'iTunes Store' in the second column
    If you are really desperate you could buy the app yourself, then request reimbursement.

  • How can I develop/Publish an Apple TV app for my own commercial media streaming? Technologies? Programming? Publish? and Charges to activate on the device?

    How can I submit apps for AppleTV?
    What technologies do I have to use?
    What programming, and what are the charges incurred?
    App Details.
    This is a ( Channel ) app, subscription based.
    The app streams video content Live and Video On Demand.
    This is subscription based.
    I should have the facility to add sub channels.

    Sign up as an iOS developer to get the information needed.

  • I want to enrol in the developer program but am unsure which one to enrol in. I currently work for a business employing 2-3 people and have clients asking about apps for iPad and iPhone, and I also run my own personal marketing business with my wife.

    Which developer program do I enrol in?
    I work for a small company which my brother and I run, and I also have my own business which I run with my wife.
    Which developer program do I enrol in for creating iOS apps for clients for iPad and iPhone?

    Choosing an iOS Developer Program / Which Developer Program is for you?
