[SOLVED] gpg-agent and the magical passphrase
Hey fellas,
I encountered a strange problem. I just copied my gpg and my ssh keys to my laptop
to use them with gpg-agent.
So I setup gpg-agent as described in the wiki, did a ssh-add, entered my ssh-key and
specified a new passphrase (test). "ssh-add -l" looked good, but ...
After that I tried to ssh to some of my server, gpg-agent asked for the passphrase, but it seemed i misstyped "test" .... misstyped it again .... and so on, i tired every fuckin password i got, readded the key etc.
But nothin helped, even the debug-level guru wasnt helpful.
What could be wrong?
Best regards,
b52
Last edited by b52 (2010-02-15 14:55:04)
If got the same Problem.
Tried a lot but nothing worked it out.
ssh-add ask for passphrase of Key and after this for passphrase for the Keyring through my pinetry program.
But after re-entering the passphrase it won't work.
Seems to be a bug !?
(PS: I am using Gentoo)
Similar Messages
-
[SOLVED] a problem with gpg-agent and ssh keys
I'm baffled by a strangle problem:
My setup is as follows: I use gpg-agent with --enable-ssh-support, so that my ssh keys are handled by it. All was fine (when I ssh'ed to another machine, a pinentry window popped up, asked for a password, and if I entered the correct one, gpg-agent would decrypt its copy of my private ssh key and use it for identification). But: I needed to change my ssh key, and so I generated a new one. Next, I ssh-add'ed it to gpg-agent (one password to decrypt the private key, then twice another password for gpg-agent). I uploaded the public key to a server. The setup should be complete.
The problem is that when I ssh to a machine, a pinentry window comes up, but it does not accept my password (the one that I entered twice when ssh-add'ing the key). I tried adding with various different passwords (always deleting ~/.gnupg/private-keys-v1.d/*, since 'ssh-add -d ~/.ssh/id_rsa.pub' would not work for some reason - it would not make gpg-agent forget the key), different pinentry programs ( -qt4, -gtk-2, -curses), and still the same problems. Pinentry itself seems to work fine, since if I enter two different things when it asks for a new passphrase for the key, it detects that there's a problem.
So, can anyone help? What could I try (please don't post just to say that I could/should use ssh-agent, or keychain, or anything else. I have used various things, and I like this setup the most. It worked before, and I would like to find out why it stopped working and how to get it back to speed.)
Thanks.
Last edited by bender02 (2010-02-15 09:52:54)Thats a known bug with the new gpg version.
http://lists.gnupg.org/pipermail/gnupg- … 38045.html
You could use an older version of gpg or use a development version. -
Just installed Lion and the Magic TrackPad and I am having a problem with one click commands. I have to hit the pad fairly hard with one finger to get it to accept the command. Is this normal, is there another way that I am suppose to execute commands?
No you just need to turn on Tap to Click. Go into System Preferences - Trackpad and click the Point to Click tab and select the first box which will say Tap to Click and you should be in business.
-
Today I can't switch on my Magic Trackpad. (no greeen light appears). Yesterday I changed batteries and the Magic Pad worked propperly till I ended using my Mac. Today there's no connection possible.
Any ideas?
Thank's for writing back.
WolframMake sure you used good batteries, put the + side into the tube first and tap the power button once. If you don't get a green light then it must be bad.
-
Can I have both my wireless mouse and the Magic Trackpad active at the same time next to my desktop iMac?
Yes. I do. I use the Trackpad to make fine adjustments for video edits.
-
Keyboard and the magic mouse cannot using and pairing in win7
keyboard and the magic mouse cannot using and pairing in win7
already install boot camp in win7 but can using in OSXthanks I tried re installing the drivers (which were working fine before this windows update) but unfortunately it did not work. I can not access my bluetooth settings at al in windows yet it works fine on the mac side of things (I'm using them to type this)
-
I don't received codes and the magic wand of PS does not work
I don't received no codes, now I can't no use LR
the magic wand of PS does not workWe can't know. You have not provided any useful technical info about your system or other details. If you bought the photographer's bundle for Creative Cloud then there are no serial numbers. Refer to this:
Sign in, activation, or connection errors | CS5.5 and later
Mylenium -
Hello All,
Has anyone here used The Magic Track Pad with FCE4? How does it flow with the program. Is it better than the mouse?
Thanks for your thoughts.
MikeSearch is your friend:
http://discussions.apple.com/thread.jspa?messageID=12005731� -
Conversion Agent and the module processor
Hi,
i have to make an offer for a client of ours. Therefore i was thinking to propose the conversion agent for developing a process module into the inbound communication channel in the XI-Scenario.
But i think i understand sth wrong or does this module substitute the normal mapping inside the XI?!
Can someone give me a hand?!
thx in advanceJens,
Conversion Agrent is used to convert non XMl data into XML and vice versa.
For example it can read a PDF, EXCEL and conevrt it into XMl and also convert XML into EDI formats etc etc.
You use the conversion agent studio to develop the conversion mapping and then deploy it as a module. From the comm channel you call the Conversion Agrent Module which in turn runs on its own Engine and does the conversion for you.
So, if possible, you can also use conversion agent to actually read your source and create iyt in the format of the target and thgerbey replace Mapping. But, it all depends on the feasibility of what you are trying to do.
Regards,
Bhavesh -
ITunes Match and the magical disappearing explicit tags
So, after doing a spring (winter?) clean of my iTunes library today, there seems to be a bit of tension between iTunes Match and Explicit tags on tracks.
I'm obsessive with my library and add lyrics via Get Lyrical, use a script to search my iTunes library for specific profanities that outputs them into a playlist then use MetaX to tag all songs in that playlist with the explicit tag. As a student of radio, sometimes, it's just easier to check for tags that drive through yrics for profanity and songs that are airable.
However, for whatever reason, as soon as iTunes Match updates the library with the server, all explicit tags are removed except for those that are downloaded from the store with the tags already added (which is an annoyance in itself because Apple see fit to mark an entire album as explicit even if a specific track is clean and safe for air). Removing the explicit tags will find it readded after the iCloud sync.
All other elements of manual metadata are safe; purchase date, release date, copyright. It just doesn't like explicit tags - hoping it'll get fixed in a future update.My library has just over 10,000 songs in it. 95% came from my CD's that I ripped myself, plus some that I recorded directly to the computer from cassette or record (yes, I actually did that!). I recently subscribed to iTunes match and other than about 100 songs, they all matched correctly. I was very meticuous about my tagging so my library was very clean. Not sure if that matters as I understand they use a digital matching scheme rather than based on tagging, but regardless, I am very pleased with the final result.
-Randy- -
[SOLVED] Window colors and the .Xdefaults file.
Normally I use a very lightweight x11 setup on my system (ratpoison+a few applications like firefox), but recently I have been experimenting with some more unnecessary eye-candy on an usb memory (beryl and kde... nice:cool:), and after using the color settings program that comes with kde I started to think if it would be possible to do something like setting a new background color for all windows (instead of the gray color) using the .Xdefaults file.
So after booting back to my normal system (with the ratpoison wm), I changed my (xterm focused ) .Xdefaults file:
XTerm*faceName: Bitstream Vera Sans Mono:size=11
XTerm*boldFont: Bitstream Vera Sans Mono:style=Bold:size=11
XTerm*loginShell: true
XTerm*scrollBar: false
XTerm*eightBitInput: false
XTerm*metaSendsEscape: true
*background: black
*foreground: green
XTerm*color0: black
XTerm*color1: red
XTerm*color2: green
XTerm*color3: yellow
XTerm*color4: blue
XTerm*color5: magenta
XTerm*color6: cyan
XTerm*color7: white
(Note that I removed XTerm from the background and foreground.)
Result! The xpdf application changed colors!
However this setting doesn't affect firefox thunderbird or oo.org...:/
The kde color manager does change the colors of firefox and thunderbird, so hows that possible (I tried `xrdb>~/.Xdefaults` and disactivate the global coloring option in kde and then running xrdb ~/.Xdefaults on my usb system, but that didn't work either)?
Last edited by 1311219 (2007-03-24 12:05:13)1311219 wrote:Thanks! now I only have to find a way to change the default colors in gtk... I suppose it's similar to xrdb(I saw something about an gtk.rc.mine file somewhere)?
Most people use themes like those on Gnome-look. The theme syntax is human-readable, so download one you like and tweak it to use your custom colors.
You can switch GTK themes using a program like gtk-chtheme (in community).
btw/OffTopic: OO.org looks a bit different when it uses gtk, what does it use normally(or is it just different themes?)?
AFAIK it uses its own custom cross-platform toolkit. Actually, it always uses the custom toolkit, but the FORCE_DESKTOP variable makes it try to copy your GTK (or QT if you set it to "kde") look. It doesn't manage 100% integration, the menubars and dialogs still look a little "off." Firefox and Thunderbird use a similar tactic, but always copy GTK.
Last edited by skymt (2007-03-23 20:36:11) -
KDE4.1 ssh-agent and gpg-agent
Suddenly after an update of kdeworkspace my ssh-agent and gpg-agent have stopped working. Does anyone else have also this problem?
Regards,I've also had this problem, although I don't know the exact time it stopped working as I have not had to use my laptop to ssh for a while.
Everything seems to get created OK - the socket is created:
[daren@daren_laptop env]$ ll /tmp/gpg-MZi0kX/
total 0
srwxr-xr-x 1 daren daren 0 2009-01-18 10:06 S.gpg-agent
and the env variable points to it:
[daren@daren_laptop env]$ env | grep GPG
GPG_AGENT_INFO=/tmp/gpg-MZi0kX/S.gpg-agent:4508:1
and the agent is running on the correct pid:
[daren@daren_laptop env]$ ps axf | grep gpg-agent
4508 ? Ss 0:00 gpg-agent --daemon
4902 pts/0 R+ 0:00 \_ grep gpg-agent
If i run ssh-add from the command line, I get this:
[daren@daren_laptop env]$ ssh-add
Could not open a connection to your authentication agent.
[daren@daren_laptop env]$
I'm not that clued up on using the agent - it's always "just worked" after adding the script to ~/.kde4/env, but I'm kind of stuck now. There was another post about issues with KDE 4.1 and the agents, but they resolved theirs by doing what I've had setup for a while now. -
as we have now gpg-agent in the repos, i just wondered why kmail do not work with it
i did everything from http://kmail.kde.org/kmail-pgpmime-howto.html
but still kmail is opening the dialogue to type the passphrase and kgpg is complaining now this:
i'm starting gpg-agent from ~/.xinitrc with this line:
gpg-agent --daemon
and
[damir@Asteraceae ~]$ ps -e | grep gpg-agent
6628 ? 00:00:00 gpg-agent
thanx in advance for any helptpowa wrote:strange you also did that pinentry stuff?
i have
pinentry-program /usr/bin/pinentry-qt
in ~/.gnupg/gpg-agent.conf, if you mean that ... maybe there is some other things to do?
tpowa wrote:i didn't test the funcionality of gpg
can someone do some reasearch on that
kde 3.3.2 is round the corner would be great if it works till then
yea, that would be nice ...
well, without the gpg-agent (the classical way), gpg works fine, but it is not really cool having to type a long passphrase each time you send a signed email (especially, if you write lots of emails to lots of different peoples /day)
here the dialogue i get always when i want to send an email (in kde 3.3.x the gpg-agent lines are new, but the dialogue itself is old (since 3.1.4 working fine the classical way)) -
Script to clear cached gpg-agent passphrase?
Hello,
I recently setup enigmail with thunderbird so I can sign and encrypt email. I had an issue with the passphrase being cached by seahorse, and was unable to find a setting to change the time. Doing a lot of searching I found that setting "use-agent" in ~/.gnupg/gpg.conf and setting appropriate timeouts in ~/.gnupg/gpg-agent.conf was supposed to work. But after many, many failed attempts, I switched from gnome to xfce and got rid of seahorse (probably making this far more complicated than I needed to, but I like xfce, too). As soon as I did that the timeouts I set in gpg-agent.conf started working correctly. Currently using 300 seconds. I would like to extend this time to 10 or 20 minutes to save the password hassle while going through emails, but would like an "easy" way to clear the cached passphrase when I'm finished. I always lock my desktop when I'm away, but would prefer to know my signature and key passphrase is no longer cached when I get up.
I found this in the kde wiki:
killall gpg-agent -stops all instances
eval "$(gpg-agent --daemon)" -will restart the agent
gpg-agent status -should tell you if the agent is running.
If I execute eval "$(gpg-agent --daemon)" nothing seems to happen, I can click any message and it decrypts without asking for my passphrase (as long as the 5 minute timeout hasn't expired of course).
If I kill gpg-agent, and then use eval "$(gpg-agent --daemon)" to start it back up, when I click on an encrypted message in thunderbird I get this error in the signature banner "Error - signature verification failed; click on 'Details' button for more information"
OpenPGP security info reveals the following:
Error - signature verification failed
gpg command line and output:
/usr/bin/gpg
can't connect to `/tmp/gpg-ZoVzCT/S.gpg-agent': No such file or directory
gpg: can't connect to `/tmp/gpg-ZoVzCT/S.gpg-agent': connect failed
gpg: can't query passphrase in batch mode
gpg: Invalid passphrase; please try again ...
gpg: can't query passphrase in batch mode
gpg: Invalid passphrase; please try again ...
gpg: can't query passphrase in batch mode
gpg: encrypted with 4096-bit RSA key, ID XXXXXXX, created 2012-XXXX
"XXXXXX <XXXXXX>"
gpg: encrypted with 4096-bit RSA key, ID XXXXXXX, created 2012-XXXX
"XXXXXX <XXXXXX>"
gpg: public key decryption failed: bad passphrase
gpg: decryption failed: secret key not available
Restarting thunderbird doesn't help. Restarting the computer fixes it. It looks like when gpg-agent starts it creates a gpg-RANDOM temp directory, and when I restart it that changes, but enigmail doesn't pick this up even after restarting thunderbird. How does it figure it out on a fresh start?
Is there anyway to simply clear the gpg-agent cached passphrase and then be able to use it again (supply the password) without having to restart the computer?
Thanks!Send a SIGHUP signal to the gpg-agent process. This will clear all stored passphrases.
pkill -SIGHUP gpg-agent -
What's the relationship between Agent and JMX-instrumented applications?
Hi, I'm a beginner of EM and JMX. I'm trying to integrate my application with EM. After reading some documents, I find I need to make my application JMX-instrumented first and then design the plug-in. But I'm still a little confused about the relationship between the Agent and the JMX-instrumented appliactions.
Here is what I'm confused:
1. Should the EM Agent be installed in the host where my JMX-instrumented application is installed? If this is true, then that will mean Agent cannot monitor the remote resource. But it sounds not reasonable.
2. When making the application JMX-instrumented, we should use the platform MBeanServer or create our own MBeanServer? Do they have a major difference? and will it impact the plug-in design?
Thanks in advance.Answers to your queries:
1. Should the EM Agent be installed in the host where my JMX-instrumented application is installed? If this is true, then that will mean Agent cannot monitor the remote resource. But it sounds not reasonable.
Its not necessary that EM Agent should be installed on the same host where JMX-instrumented application is/are installed. EM Agent has a fetchlet (named OJMX) that can be used. Refer to [Management Using Web Services and JMX|http://download.oracle.com/docs/cd/B19306_01/em.102/b16246/web_jmx.htm] for more details on emjmxcli tool, which can help to build the plug-in which can monitor the MBeans. [EM Extensibility Guide|http://download.oracle.com/docs/cd/B19306_01/em.102/b16246/toc.htm] contains all the details for building a plug-in.
2. When making the application JMX-instrumented, we should use the platform MBeanServer or create our own MBeanServer? Do they have a major difference? and will it impact the plug-in design?
To best of my knowledge, plug-in design doesn't get impacted
Maybe you are looking for
-
[JS][CS3] Loading text into memory
Hi. Am am trying to access an external txt file which holds data for my script. I have looked at the famous "FindChangeByList" and tried to work from there. However, I am not going to need input from the user for the txt file location, it will alwa
-
My Wish List - Please, comment what are in your plans.
Guys, I really liked M7... But, some essentials features are missing... The first item is really essential to me. There my list comes: * Multiple Web Directory. For instance, thing on this project layout: PATH: src/test/java WHAT: Java test code OUTP
-
my iphone 4s is frozen on the lock screen. my lock button doesnt work and i cant slide to power off the phone. It has 100% battery and nothing happens when i plug it into the computer. My phone screen also is in negative. It is like twitching and iv
-
What Xml Binding Framework are supported in WLS7.0 sp4?
What is the most popular alternative to JAXB in the WLS7.0? Regards, Basilio
-
I have paid twice for an iPod touch game
I had trouble downloading an app for ipod touch and I also accidentally paid twice for it. I reported the problem and iTunes helped with the download problem but didn't refund the money. I have been looking for a way to email somebody but can't fin