Gpg-agent with systemd

Similar Messages

• [SOLVED] a problem with gpg-agent and ssh keys

  I'm baffled by a strangle problem:
  My setup is as follows: I use gpg-agent with --enable-ssh-support, so that my ssh keys are handled by it. All was fine (when I ssh'ed to another machine, a pinentry window popped up, asked for a password, and if I entered the correct one, gpg-agent would decrypt its copy of my private ssh key and use it for identification). But: I needed to change my ssh key, and so I generated a new one. Next, I ssh-add'ed it to gpg-agent (one password to decrypt the private key, then twice another password for gpg-agent). I uploaded the public key to a server. The setup should be complete.
  The problem is that when I ssh to a machine, a pinentry window comes up, but it does not accept my password (the one that I entered twice when ssh-add'ing the key). I tried adding with various different passwords (always deleting ~/.gnupg/private-keys-v1.d/*, since 'ssh-add -d ~/.ssh/id_rsa.pub' would not work for some reason - it would not make gpg-agent forget the key), different pinentry programs ( -qt4, -gtk-2, -curses), and still the same problems. Pinentry itself seems to work fine, since if I enter two different things when it asks for a new passphrase for the key, it detects that there's a problem.
  So, can anyone help? What could I try (please don't post just to say that I could/should use ssh-agent, or keychain, or anything else. I have used various things, and I like this setup the most. It worked before, and I would like to find out why it stopped working and how to get it back to speed.)
  Thanks.
  Last edited by bender02 (2010-02-15 09:52:54)

  Thats a known bug with the new gpg version.
  http://lists.gnupg.org/pipermail/gnupg- … 38045.html
  You could use an older version of gpg or use a development version.

• SSH Key login not working when added to gpg-agent

  Hello,
  As I use gnupg, I run the gpg-agent. I run it with systemd --user and it works flawlessly. As I already run gpg-agent, I figured I might as well just add my ssh keys to it as well. Therefore I start gpg-agent with --enable-ssh-support. I use my SSH keys a lot and never had any problems with connecting to anything with a simple ssh .... or pushing things to git etc.
  As the SOCKS_AUTH_SSH envvar needs to be set for ssh-add to work, I added this line to my .bashrc
  export SSH_AUTH_SOCK=~/.gnupg/S.gpg-agent.ssh
  Now, adding my SSH Keys with a simple ssh-add seems to work fine (no errors etc).
  However, when I try to connect to a server now, the following happens:
  ssh -vT [email protected]
  OpenSSH_6.8p1, OpenSSL 1.0.2a 19 Mar 2015
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: Connecting to XXXXXXXXX port XXXXX.
  debug1: Connection established.
  debug1: identity file /home/XXXXX/.ssh/id_rsa type 1
  debug1: key_load_public: No such file or directory
  debug1: identity file /home/XXXXX/.ssh/id_rsa-cert type -1
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_6.8
  debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8
  debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x04000000
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-ctr [email protected] none
  debug1: kex: client->server aes128-ctr [email protected] none
  debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
  debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Mw5MTDp91yExgStdoMPMwi2yZdoG9MruOm+6XiC5Vks
  debug1: Host '[XXXXXXX]:XXX' is known and matches the ECDSA host key.
  debug1: Found key in /home/XXXX/.ssh/known_hosts:1
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: expecting SSH2_MSG_NEWKEYS
  debug1: SSH2_MSG_NEWKEYS received
  debug1: Roaming not allowed by server
  debug1: SSH2_MSG_SERVICE_REQUEST sent
  debug1: SSH2_MSG_SERVICE_ACCEPT received
  debug1: Authentications that can continue: publickey
  debug1: Next authentication method: publickey
  debug1: Offering RSA public key: /home/XXXXX/.ssh/id_rsa
  debug1: Server accepts key: pkalg ssh-rsa blen 279
  debug1: No more authentication methods to try.
  Permission denied (publickey).
  Which is very strange as id_rsa is my (ecrypted) private key. I am also prompted to enter the corresponding password when issuing ssh-add.
  What could the problem be in this case? Thanks a lot!!
  Last edited by replax (2015-05-18 19:06:58)

  replax wrote:Well, there is something listed in .gnupg/sshcontrol , I am not sure if it is connected to my own key though. I tried ssh-add -l and it will list my one key, although it is different from the one in sshcontrol. I suspect that that is an issue of presentation though, as ssh-add spews out the SHA256 of my key..
  How could I go about verifying that they key is indeed correct? Shouldn't it be added automatically by ssh-add?
  Thanks a lot!!
  Yes it should be added automatically. I suppose you could try it in a new user just to start fresh and see if it works, at least then you'll have either verified that your steps were correct or incorrect.

• Gpg-agent is mysteriously started by systemd

  So I recently switched from initscripts to systemd. Now when I use SSH, gpg-agent tries to save my passwords, but I can't figure out how it got started.
  It's definitely running, started by systemd (or at least, orphaned such that it is parented on systemd):
  $ ps aux | grep gpg-agent
  aogier 405 0.0 0.1 5436 1352 ? Ss 07:30 0:00 /usr/bin/gpg-agent --sh --daemon --enable-ssh-support --write-env-file /home/aogier/.cache/gpg-agent-info
  $ pstree
  systemd─┬─...
  ├─gpg-agent───scdaemon
  ├─...
  But I can't find out why systemd feels the need to start it, the following all turn up empty:
  $ systemctl list-units --all | grep gpg
  $ systemctl list-unit-files --all | grep gpg
  $ grep gpg -r /etc/systemd
  $ grep gpg -r /usr/lib/systemd
  My guess is something is starting gpg-agent and orphaning it, but why it's started in daemon mode with ssh support is beyond me. It gets in the way of my ssh-agent usage, and it disturbs me (a week ago I removed a SSH private key from my computer, only to find today that I could still authenticate using it because gnupg held onto it -- ick).
  Anyone know what the problem could be? Maybe XFCE or LXDM?

  Clueless wrote:
  So I recently switched from initscripts to systemd. Now when I use SSH, gpg-agent tries to save my passwords, but I can't figure out how it got started.
  It's definitely running, started by systemd (or at least, orphaned such that it is parented on systemd):
  $ ps aux | grep gpg-agent
  aogier 405 0.0 0.1 5436 1352 ? Ss 07:30 0:00 /usr/bin/gpg-agent --sh --daemon --enable-ssh-support --write-env-file /home/aogier/.cache/gpg-agent-info
  $ pstree
  systemd─┬─...
  ├─gpg-agent───scdaemon
  ├─...
  But I can't find out why systemd feels the need to start it, the following all turn up empty:
  $ systemctl list-units --all | grep gpg
  $ systemctl list-unit-files --all | grep gpg
  $ grep gpg -r /etc/systemd
  $ grep gpg -r /usr/lib/systemd
  My guess is something is starting gpg-agent and orphaning it, but why it's started in daemon mode with ssh support is beyond me. It gets in the way of my ssh-agent usage, and it disturbs me (a week ago I removed a SSH private key from my computer, only to find today that I could still authenticate using it because gnupg held onto it -- ick).
  Anyone know what the problem could be? Maybe XFCE or LXDM?
  Have you check if it's not started in /etc/profile.d/ ?

• Loop-aes/mount with gpg-agent

  Hey,
  this is not really an Arch related problem, but as this is the only forum I'm using, I'll try it here. The system I'm testing on is Debian etch. loop-aes and gpg-agent alone work fine, when I decrypt data with gpg, pinentry is called and gpg-agent stores the passphrase. I can encrypt/decrypt partitions with loop-aes using a keyfile etc. Now the problem: to decrypt encrypted partitions I want to use a keyfile which is encrypted with gpg. The fstab entry is like this:
  /dev/hda10 /yyy ext3 defaults,loop=/dev/loop4,encryption=AES128,gpgkey=/root/key.asc 0 0
  When I now mount /yyy, the system asks for the passphrase, but not with pinentry. So gpg-agent doesn't store the passphrase. Any ideas?

  Hey,
  this is not really an Arch related problem, but as this is the only forum I'm using, I'll try it here. The system I'm testing on is Debian etch. loop-aes and gpg-agent alone work fine, when I decrypt data with gpg, pinentry is called and gpg-agent stores the passphrase. I can encrypt/decrypt partitions with loop-aes using a keyfile etc. Now the problem: to decrypt encrypted partitions I want to use a keyfile which is encrypted with gpg. The fstab entry is like this:
  /dev/hda10 /yyy ext3 defaults,loop=/dev/loop4,encryption=AES128,gpgkey=/root/key.asc 0 0
  When I now mount /yyy, the system asks for the passphrase, but not with pinentry. So gpg-agent doesn't store the passphrase. Any ideas?

• Help with gpg-agent, ssh, and pinentry-curses

  I use gpg-agent to manage my ssh keys, and for a system that I regularly ssh into, I would like to use pinentry-curses instead of the default pinentry-gtk-2. However, this doesn't work.
  Specifically, I start gpg-agent using script from the arch wiki, /etc/profile.d/gpg-agent.sh:
  if [ $EUID -ne 0 ] ; then
  envfile="$HOME/.gnupg/gpg-agent.env"
  if [[ -e "$envfile" ]] && kill -0 $(grep GPG_AGENT_INFO "$envfile" | cut -d: -f 2) 2>/dev/null; then
  eval "$(cat "$envfile")"
  else
  eval "$(gpg-agent --daemon --enable-ssh-support --write-env-file "$envfile")"
  fi
  export GPG_AGENT_INFO # the env file does not contain the export statement
  export SSH_AUTH_SOCK # enable gpg-agent for ssh
  fi
  and have the following config files
  ~/.gnupg/gpg-agent.conf:
  # Keyboard control
  no-grab
  # PIN entry program
  pinentry-program /usr/bin/pinentry-curses
  #pinentry-program /usr/bin/pinentry-qt4
  #pinentry-program /usr/bin/pinentry-kwallet
  #pinentry-program /usr/bin/pinentry-gtk-2
  ~/.gnupg/gpg.conf:
  use-agent
  ~/.bashrc:
  GPG_TTY=$(tty)
  export GPG_TTY
  Whenever I attempt to ssh using the key that's already been added to gpg-agent, I get the following message:
  Agent admitted failure to sign using the key.
  Permission denied (public key).
  If I change my ~/.gnupg/gpg-agent.conf file to the following:
  # Keyboard control
  #no-grab
  # PIN entry program
  #pinentry-program /usr/bin/pinentry-curses
  #pinentry-program /usr/bin/pinentry-qt4
  #pinentry-program /usr/bin/pinentry-kwallet
  pinentry-program /usr/bin/pinentry-gtk-2
  then everything works fine, and I'm prompted for my passphrase when using ssh.
  I've read posts having to do with a similar issue:
  https://bbs.archlinux.org/viewtopic.php?id=138546
  https://bugs.archlinux.org/task/29156
  It looks like the difference between those and my issue is that I'm using ssh, not just gpg, and I'm not using su. In fact, if I have pinentry-curses set in gpg-agent.conf, and I try to use gpg to encrypt and decrypt a file, everything works fine. The file encrypts, and when decrypting, I am prompted by pinentry-curses for my passphrase. It's just ssh combined with pinentry-curses that gives me troubles.

  I think it actually is the tty capability bug that's biting you...try adding '--without-libcap' to the pinentry-curses PKGBUILD from ABS (/var/abs/core/pinentry/) and rebuilding the package.
  Scott

• Keychain and gpg-agent not getting along

  I have a problem with gpg-agent. I have been using the Funtoo keychain tool for a while, for my SSH keys exclusively. Works flawlessly - I log in, I call keychain, I type in my passphrases, and it caches my keys. Never get prompted for a passphrase during SSH connection attempts.
  GPG is a different story. I have a GPG key, and I occasionally en- and decrypt files with it. So far so good. I also found out how to get keychain to cache the GPG key. It also picks up my gpg-agent, which is started as per the wiki entry (except that instead of putting it systemwide in /etc/profile.d, I put it in Openbox's ~/.config/openbox/environment file, which is where the SSH agent stuff is supposed to go as well.
  Gpg-agent seemingly launches fine, it exports its environment variables just fine:
  $ echo $GPG_AGENT_INFO
  /tmp/gpg-3faT29/S.gpg-agent:2352:1
  $ cat .gnupg/gpg-agent.env
  GPG_AGENT_INFO=/tmp/gpg-3faT29/S.gpg-agent:2352:1
  There's only one gpg-agent process running:
  $ ps aux|grep gpg-agent
  luser 2352 0.0 0.0 16252 1184 ? Ss 00:00 0:00 gpg-agent --daemon --write-env-file /home/stijn/.gnupg/gpg-agent.env
  luser 3411 0.0 0.0 9276 1016 pts/0 S+ 00:16 0:00 grep gpg-agent
  Keychain picks that up as well:
  $ keychain --eval
  * keychain 2.7.1 ~ http://www.funtoo.org
  * Found existing ssh-agent: 2346
  SSH_AUTH_SOCK=/tmp/ssh-YhDgORoL2345/agent.2345; export SSH_AUTH_SOCK;
  SSH_AGENT_PID=2346; export SSH_AGENT_PID;
  * Found existing gpg-agent: 2352
  GPG_AGENT_INFO=/tmp/gpg-3faT29/S.gpg-agent:2352:1; export GPG_AGENT_INFO;
  * Known ssh key: /home/stijn/.ssh/id_rsa-amalthea
  * Known ssh key: /home/stijn/.ssh/id_rsa-athena
  * Known ssh key: /home/stijn/.ssh/id_rsa-zeus
  * Known ssh key: /home/stijn/.ssh/id_rsa-mnemosyne
  * Known gpg key: [8 digit hex key]
  However, when I open Mutt (or just try to decrypt about any GPG encrypted file), it will prompt me for the passphrase, despite the key already being cached. Passing --use-agent does not help (I also set that in ~/.gnupg/gpg.conf).
  The bizarre thing being, of course, that the keychain-cached key did not get picked up, but if I enter my passphrase into the prompt I get the first time I call gpg, it does seem to get cached - I can open mutt, decrypt files, etc., it will all use that cached key.
  Any tips? I get the feeling I'm missing something, but couldn't find what exactly.
  Last edited by .:B:. (2011-12-06 22:25:27)

  Gpg-agent by itself works fine, although I get the feeling that, a bit like sudo, there's an expiration date on the cached key - it seems I need to type the passphrase again after a few hours or so.
  Either way, I'd love to get this working with keychain.

• GPG-AGENT "ignoring" pinentry program? wrong pinentry app for ssh-keys

  Hi!
  I am using gpg-agent to handle my gpg keys and wanted it to handle my ssh keys too, since it is running anyway.
  it works perfectly fine with gpg keys, my pinentry program is pinentry-qt4 , upon request that window pops up for me to enter my passphrase.
  as window manager i use awesome wm.
  however, when i try to use my ssh key, e.g. for github, no pinentry program pops up and in xterm it looks like:
  [me@mybox dotfiles]$ git push origin master
  it seems that is is waiting for my passphrase input but it isnt asking for it. neither does it accept it.
  when i quit my WM, i see that it executed the pinentry program directly in my tty1, to which i do not have access while running my WM.
  my gpg-agent.conf:
  me@mybox ~/.gnupg> cat gpg-agent.conf
  default-cache-ttl 300
  max-cache-ttl 7200
  pinentry-program /usr/bin/pinentry-qt4
  how do i get gpg-agent to respect my pinentry choice for my ssh keys as well?
  thanks for your time !

  I use this
  $ cat /etc/kde/env/gpg-agent-startup.sh
  #!/bin/sh
  # see https://wiki.archlinux.org/index.php/SSH_Keys
  GPG_AGENT=/usr/bin/gpg-agent
  ## Run gpg-agent only if not already running, and available
  if [ -x "${GPG_AGENT}" ] ; then
  # check validity of GPG_SOCKET (in case of session crash)
  GPG_AGENT_INFO_FILE=${HOME}/.gpg-agent-info
  if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
  GPG_AGENT_PID=`cat ${GPG_AGENT_INFO_FILE} | grep GPG_AGENT_INFO | cut -f2 -d:`
  GPG_PID_NAME=`cat /proc/${GPG_AGENT_PID}/comm`
  if [ ! "x${GPG_PID_NAME}" = "xgpg-agent" ]; then
  rm -f "${GPG_AGENT_INFO_FILE}" 2>&1 >/dev/null
  else
  GPG_SOCKET=`cat "${GPG_AGENT_INFO_FILE}" | grep GPG_AGENT_INFO | cut -f1 -d: | cut -f2 -d=`
  if ! test -S "${GPG_SOCKET}" -a -O "${GPG_SOCKET}" ; then
  rm -f "${GPG_AGENT_INFO_FILE}" 2>&1 >/dev/null
  fi
  fi
  unset GPG_AGENT_PID GPG_SOCKET GPG_PID_NAME SSH_AUTH_SOCK
  fi
  if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
  eval "$(cat "${GPG_AGENT_INFO_FILE}")"
  eval "$(cut -d= -f 1 "${GPG_AGENT_INFO_FILE}" | xargs echo export)"
  export GPG_TTY=$(tty)
  else
  eval "$(${GPG_AGENT} -s --enable-ssh-support --daemon --pinentry-program /usr/bin/pinentry-qt4 --write-env-file)"
  fi
  fi
  I think I could probably use the /etc/profile.d location but when I first set it up, kde was already running gpg-agent so I adapted its file. Later, I uninstalled the thing which does that in kde and just kept my own customised version.
  Are you sure that your xinitrc isn't starting a second gpg-agent?

• KDE4.1 ssh-agent and gpg-agent

  Suddenly after an update of kdeworkspace my ssh-agent and gpg-agent have stopped working. Does anyone else have also this problem?
  Regards,

  I've also had this problem, although I don't know the exact time it stopped working as I have not had to use my laptop to ssh for a while.
  Everything seems to get created OK - the socket is created:
  [daren@daren_laptop env]$ ll /tmp/gpg-MZi0kX/
  total 0
  srwxr-xr-x 1 daren daren 0 2009-01-18 10:06 S.gpg-agent
  and the env variable points to it:
  [daren@daren_laptop env]$ env | grep GPG
  GPG_AGENT_INFO=/tmp/gpg-MZi0kX/S.gpg-agent:4508:1
  and the agent is running on the correct pid:
  [daren@daren_laptop env]$ ps axf | grep gpg-agent
  4508 ? Ss 0:00 gpg-agent --daemon
  4902 pts/0 R+ 0:00 \_ grep gpg-agent
  If i run ssh-add from the command line, I get this:
  [daren@daren_laptop env]$ ssh-add
  Could not open a connection to your authentication agent.
  [daren@daren_laptop env]$
  I'm not that clued up on using the agent - it's always "just worked" after adding the script to ~/.kde4/env, but I'm kind of stuck now.  There was another post about issues with KDE 4.1 and the agents, but they resolved theirs by doing what I've had setup for a while now.

• [SOLVED] Thunderbird & Enigmail: Using gpg-agent to cache key

  Hi,
  I set up Thunderbird with Enigmail to encrypt my emails.
  However, I do not want to enter my password EVERYTIME I want to read an encrypted email. A quick tab change etc. gets annoying, so I wanted to set-up a time out of 10min.
  Also, I want to use gpg-agent for that (unless there are by far better options), as I could also manage my SSH keys with that (haven't look into it yet, though)
  What I have done:
  - Installed TB & Enigmail, gerated keypair, uploaded to keyserver, tried it with a friend (works)
  - Added gpg-agent startupscript to xinitrc, verified that it runs on x startup (also writes env file so it will only run once, even if x is started multiple times)
  - In enigmail settings selected to use gpg-agent
  - Checked gpg-agent cache timeout (set to 300sec (default-cache-ttl))
  Problem:
  Thunderbird/Enigmail still promts for my passphrase everytime I want to view an encrypted email, even when I quickly switch tabs..
  I would really appreciate some pointing into the right directioin/help on how to ideally solve this problem.
  Thanks for your time
  Last edited by replax (2013-07-31 09:04:03)

  I guess you mean: OpenPGP->Preferences->Passphrase Settings
  These settings do not apply because it only works when the passphrase handling is done by enigmail/TB. It also gives you a warning, that, if you use gpg 2.0 or later you have to use gpg-agent for passphrase handling and have to set the cache time in the agent itself somehow.
  EDIT: Seems to have gotten it to work, I simply added a pinentry-program to the gpg-agent.conf (qt4 version). Strange though, as it should use the gtk entry program by default....
  Is this a feature or a bug? Or is it special in the arch package, e.g. compiled with no default or something like that?

• Kmail and gpg-agent

  as we have now gpg-agent in the repos, i just wondered why kmail do not work with it
  i did everything from http://kmail.kde.org/kmail-pgpmime-howto.html
  but still kmail is opening the dialogue to type the passphrase and kgpg is complaining now this:
  i'm starting gpg-agent from ~/.xinitrc with this line:
  gpg-agent --daemon
  and
  [damir@Asteraceae ~]$ ps -e | grep gpg-agent
  6628 ? 00:00:00 gpg-agent
  thanx in advance for any help

  tpowa wrote:strange you also did that pinentry stuff?
  i have
  pinentry-program /usr/bin/pinentry-qt
  in ~/.gnupg/gpg-agent.conf, if you mean that ... maybe there is some other things to do?
  tpowa wrote:i didn't test the funcionality of gpg
  can someone do some reasearch on that
  kde 3.3.2 is round the corner would be great if it works till then
  yea, that would be nice ...
  well, without the gpg-agent (the classical way), gpg works fine, but it is not really cool having to type a long passphrase each time you send a signed email (especially, if you write lots of emails to lots of different peoples /day)
  here the dialogue i get always when i want to send an email (in kde 3.3.x the gpg-agent lines are new, but the dialogue itself is old (since 3.1.4 working fine the classical way))

• [SOLVED] gpg-agent and the magical passphrase

  Hey fellas,
  I encountered a strange problem. I just copied my gpg and my ssh keys to my laptop
  to use them with gpg-agent.
  So I setup gpg-agent as described in the wiki, did a ssh-add, entered my ssh-key and
  specified a new passphrase (test). "ssh-add -l" looked good, but ...
  After that I tried to ssh to some of my server, gpg-agent asked for the passphrase, but it seemed i misstyped "test" .... misstyped it again .... and so on, i tired every fuckin password i got, readded the key etc.
  But nothin helped, even the debug-level guru wasnt helpful.
  What could be wrong?
  Best regards,
  b52
  Last edited by b52 (2010-02-15 14:55:04)

  If got the same Problem.
  Tried a lot but nothing worked it out.
  ssh-add ask for passphrase of Key and after this for passphrase for the Keyring through my pinetry program.
  But after re-entering the passphrase it won't work.
  Seems to be a bug !?
  (PS: I am using Gentoo)

• Script to clear cached gpg-agent passphrase?

  Hello,
  I recently setup enigmail with thunderbird so I can sign and encrypt email. I had an issue with the passphrase being cached by seahorse, and was unable to find a setting to change the time. Doing a lot of searching I found that setting "use-agent" in ~/.gnupg/gpg.conf and setting appropriate timeouts in ~/.gnupg/gpg-agent.conf was supposed to work. But after many, many failed attempts, I switched from gnome to xfce and got rid of seahorse (probably making this far more complicated than I needed to, but I like xfce, too). As soon as I did that the timeouts I set in gpg-agent.conf started working correctly. Currently using 300 seconds. I would like to extend this time to 10 or 20 minutes to save the password hassle while going through emails, but would like an "easy" way to clear the cached passphrase when I'm finished. I always lock my desktop when I'm away, but would prefer to know my signature and key passphrase is no longer cached when I get up.
  I found this in the kde wiki:
  killall gpg-agent    -stops all instances
  eval "$(gpg-agent --daemon)"     -will restart the agent
  gpg-agent status     -should tell you if the agent is running.
  If I execute eval "$(gpg-agent --daemon)" nothing seems to happen, I can click any message and it decrypts without asking for my passphrase (as long as the 5 minute timeout hasn't expired of course).
  If I kill gpg-agent, and then use eval "$(gpg-agent --daemon)" to start it back up, when I click on an encrypted message in thunderbird I get this error in the signature banner "Error - signature verification failed; click on 'Details' button for more information"
  OpenPGP security info reveals the following:
  Error - signature verification failed
  gpg command line and output:
  /usr/bin/gpg
  can't connect to `/tmp/gpg-ZoVzCT/S.gpg-agent': No such file or directory
  gpg: can't connect to `/tmp/gpg-ZoVzCT/S.gpg-agent': connect failed
  gpg: can't query passphrase in batch mode
  gpg: Invalid passphrase; please try again ...
  gpg: can't query passphrase in batch mode
  gpg: Invalid passphrase; please try again ...
  gpg: can't query passphrase in batch mode
  gpg: encrypted with 4096-bit RSA key, ID XXXXXXX, created 2012-XXXX
        "XXXXXX <XXXXXX>"
  gpg: encrypted with 4096-bit RSA key, ID XXXXXXX, created 2012-XXXX
        "XXXXXX <XXXXXX>"
  gpg: public key decryption failed: bad passphrase
  gpg: decryption failed: secret key not available
  Restarting thunderbird doesn't help. Restarting the computer fixes it. It looks like when gpg-agent starts it creates a gpg-RANDOM temp directory, and when I restart it that changes, but enigmail doesn't pick this up even after restarting thunderbird. How does it figure it out on a fresh start?
  Is there anyway to simply clear the gpg-agent cached passphrase and then be able to use it again (supply the password) without having to restart the computer?
  Thanks!

  Send a SIGHUP signal to the gpg-agent process. This will clear all stored passphrases.
  pkill -SIGHUP gpg-agent

• Gnome and kde not loading with systemd

  Hello!
  I use [testing] repo and after some updates i can't use gnome or kde with systemd anymore.
  * with sysvinit everything works
  * xfce and other wms works fine with systemd and sysv
  * 'gnome-shell --replace' also work in xfce with systemd
  * I've got some errors:
  gnome-session[2301]: WARNING: Application 'gnome-settings-daemon.desktop' failed to register before timeout
  (gnome-settings-daemon:2321): libupower-glib-WARNING **: Couldn't enumerate devices: Activation of org.freedesktop.UPower timed out
  gnome-session[2301]: WARNING: Application 'gnome-shell.desktop' failed to register before timeout
  (gnome-settings-daemon:2321): color-plugin-WARNING **: GDBus.Error:org.freedesktop.ColorManager.Failed: failed to obtain org.freedesktop.color-manager.create-profile auth
  QDBusConnection: session D-Bus connection created before QCoreApplication. Application may misbehave.
  Object::connect: No such signal QDBusAbstractInterface::DeviceAdded(QString)
  plasma-desktop(2323): Communication problem with  "plasma-desktop" , it probably crashed.
  Error message was:  "org.freedesktop.DBus.Error.Disconnected" : " "Connection was disconnected before a reply was received" "
  I think there is some problems with dbus...

  Without a dbus socket, dbus probably isn't running. It's supposed to be started automatically when a program needs it. Check to see that it is installed and running:
  pacman -Q dbus
  pgrep -l dbus
  Dbus won't run without hal, so hal should be in:
  tail /etc/rc.conf
  Are any of your partitions full?
  df -h
  For the other error, it looks like libdrm isn't installed, but I don't think you need it if you're running the nvidia driver.
  Your xorg.conf and Xorg.0.log would also be useful. Also check dmesg for errors.
  And see if /etc/rc.d/dbus is marked executable.
  Last edited by fphillips (2009-05-12 18:27:41)

• Help required regarding Integrating Conversion Agent with SAP-XI

  I want to run a simple File to File scenario which involves integrating conversion
  agent. I gone through a webblog:Integrate SAP Conversion Agent by Itemfield with SAP XI
  I deployed the module and I configured the channel in the same way what was specified in the webblog.
  But when I run my scenario I found CM_TRANSFORMATION_ERROR as the error in communication channel monitoring.
  Can u please provide me the solution for correcting the above error, this would be a great help for me..

  HI,
  see the below links
  http://help.sap.com/saphelp_nw04/helpdata/en/43/6f1f39a08e6fcae10000000a1553f6/CMSUserGd.pdf
  http://help.sap.com/saphelp_nw04/helpdata/en/ee/c9f0b4925af54cb17c454788d8e466/frameset.htm - cc
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/95/bb623c6369f454e10000000a114084/content.htm - fcc cOUNTER
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/da1e7c16-0c01-0010-278a-eaed5eae5a5f - conversion agent
  with item fiels.
  Regards
  Chilla