[SOLVED] gpg-agent and the magical passphrase

Similar Messages

• [SOLVED] a problem with gpg-agent and ssh keys

  I'm baffled by a strangle problem:
  My setup is as follows: I use gpg-agent with --enable-ssh-support, so that my ssh keys are handled by it. All was fine (when I ssh'ed to another machine, a pinentry window popped up, asked for a password, and if I entered the correct one, gpg-agent would decrypt its copy of my private ssh key and use it for identification). But: I needed to change my ssh key, and so I generated a new one. Next, I ssh-add'ed it to gpg-agent (one password to decrypt the private key, then twice another password for gpg-agent). I uploaded the public key to a server. The setup should be complete.
  The problem is that when I ssh to a machine, a pinentry window comes up, but it does not accept my password (the one that I entered twice when ssh-add'ing the key). I tried adding with various different passwords (always deleting ~/.gnupg/private-keys-v1.d/*, since 'ssh-add -d ~/.ssh/id_rsa.pub' would not work for some reason - it would not make gpg-agent forget the key), different pinentry programs ( -qt4, -gtk-2, -curses), and still the same problems. Pinentry itself seems to work fine, since if I enter two different things when it asks for a new passphrase for the key, it detects that there's a problem.
  So, can anyone help? What could I try (please don't post just to say that I could/should use ssh-agent, or keychain, or anything else. I have used various things, and I like this setup the most. It worked before, and I would like to find out why it stopped working and how to get it back to speed.)
  Thanks.
  Last edited by bender02 (2010-02-15 09:52:54)

  Thats a known bug with the new gpg version.
  http://lists.gnupg.org/pipermail/gnupg- … 38045.html
  You could use an older version of gpg or use a development version.

• Just installed Lion and the Magic TrackPad and I am having a problem with one click commands.  I have to hit the pad fairly hard with one finger to get it to accept the command.  Is this normal, is there another way that I am suppose to execute commands?

  Just installed Lion and the Magic TrackPad and I am having a problem with one click commands.  I have to hit the pad fairly hard with one finger to get it to accept the command.  Is this normal, is there another way that I am suppose to execute commands?

  No you just need to turn on Tap to Click. Go into System Preferences - Trackpad and click the Point to Click tab and select the first box which will say Tap to Click and you should be in business.

• Today I can't switch on my Magic Trackpad. (no greeen light appears). Yesterday I changed batteries and the Magic Pad worked propperly till I ended using my Mac. Today there's no connection possible.

  Today I can't switch on my Magic Trackpad. (no greeen light appears). Yesterday I changed batteries and the Magic Pad worked propperly till I ended using my Mac. Today there's no connection possible.
  Any ideas?
  Thank's for writing back.
  Wolfram

  Make sure you used good batteries, put the + side into the tube first and tap the power button once.  If you don't get a green light then it must be bad.

• Can I have my wireless mouse and the magic trackpad both active at the same time next to my computer?

  Can I have both my wireless mouse and the Magic Trackpad active at the same time next to my desktop iMac?

  Yes.  I do.  I use the Trackpad to make fine adjustments for video edits.

• Keyboard and the magic mouse cannot  using and pairing in win7

  keyboard and the magic mouse cannot  using and pairing in win7
  already install boot camp in  win7  but can using in  OSX

  thanks I tried re installing the drivers (which were working fine before this windows update) but unfortunately it did not work. I can not access my bluetooth settings at al in windows yet it works fine on the mac side of things (I'm using them to type this)

• I don't received codes and  the magic wand of PS does not work

  I don't received no codes, now I can't no use LR
  the magic wand of PS does not work

  We can't know. You have not provided any useful technical info about your system or other details. If you bought the photographer's bundle for Creative Cloud then there are no serial numbers. Refer to this:
  Sign in, activation, or connection errors | CS5.5 and later
  Mylenium

• FCE4 and The Magic Track Pad

  Hello All,
  Has anyone here used The Magic Track Pad with FCE4? How does it flow with the program. Is it better than the mouse?
  Thanks for your thoughts.
  Mike

  Search is your friend:
  http://discussions.apple.com/thread.jspa?messageID=12005731&#12005731

• Conversion Agent and the module processor

  Hi,
  i have to make an offer for a client of ours. Therefore i was thinking to propose the conversion agent for developing a process module into the inbound communication channel in the XI-Scenario.
  But i think i understand sth wrong or does this module substitute the normal mapping inside the XI?!
  Can someone give me a hand?!
  thx in advance

  Jens,
  Conversion Agrent is used to convert non XMl data into XML and vice versa.
  For example it can read a PDF, EXCEL and conevrt it into XMl and also convert XML into EDI formats etc etc.
  You use the conversion agent studio to develop the conversion mapping and then deploy it as a module. From the comm channel you call the Conversion Agrent Module which in turn runs on its own Engine and does the conversion for you.
  So, if possible, you can also use conversion agent to actually read your source and create iyt in the format of the target and thgerbey replace Mapping. But, it all depends on  the feasibility of what you are trying to do.
  Regards,
  Bhavesh

• ITunes Match and the magical disappearing explicit tags

  So, after doing a spring (winter?) clean of my iTunes library today, there seems to be a bit of tension between iTunes Match and Explicit tags on tracks.
  I'm obsessive with my library and add lyrics via Get Lyrical, use a script to search my iTunes library for specific profanities that outputs them into a playlist then use MetaX to tag all songs in that playlist with the explicit tag.  As a student of radio, sometimes, it's just easier to check for tags that drive through yrics for profanity and songs that are airable.
  However, for whatever reason, as soon as iTunes Match updates the library with the server, all explicit tags are removed except for those that are downloaded from the store with the tags already added (which is an annoyance in itself because Apple see fit to mark an entire album as explicit even if a specific track is clean and safe for air).  Removing the explicit tags will find it readded after the iCloud sync.
  All other elements of manual metadata are safe; purchase date, release date, copyright.  It just doesn't like explicit tags - hoping it'll get fixed in a future update.

  My library has just over 10,000 songs in it.  95% came from my CD's that I ripped myself, plus some that I recorded directly to the computer from cassette or record (yes, I actually did that!).   I recently subscribed to iTunes match and other than about 100 songs, they all matched correctly.  I was very meticuous about my tagging so my library was very clean.  Not sure if that matters as I understand they use a digital matching scheme rather than based on tagging, but regardless, I am very pleased with the final result.
  -Randy-

• [SOLVED] Window colors and the .Xdefaults file.

  Normally I use a very lightweight x11 setup on my system (ratpoison+a few applications like firefox), but recently I have been experimenting with some more unnecessary eye-candy on an usb memory (beryl and kde... nice:cool:), and after using the color settings program that comes with kde I started to think if it would be possible to do something like setting a new background color for all windows (instead of the gray color) using the .Xdefaults file.
  So after booting back to my normal system (with the ratpoison wm), I changed my (xterm focused ) .Xdefaults file:
  XTerm*faceName: Bitstream Vera Sans Mono:size=11
  XTerm*boldFont: Bitstream Vera Sans Mono:style=Bold:size=11
  XTerm*loginShell: true
  XTerm*scrollBar: false
  XTerm*eightBitInput: false
  XTerm*metaSendsEscape: true
  *background: black
  *foreground: green
  XTerm*color0: black
  XTerm*color1: red
  XTerm*color2: green
  XTerm*color3: yellow
  XTerm*color4: blue
  XTerm*color5: magenta
  XTerm*color6: cyan
  XTerm*color7: white
  (Note that I removed XTerm from the background and foreground.)
  Result! The xpdf application changed colors!
  However this setting doesn't affect firefox thunderbird or oo.org...:/
  The kde color manager does change the colors of firefox and thunderbird, so hows that possible (I tried `xrdb>~/.Xdefaults` and disactivate the global coloring option in kde and then running xrdb ~/.Xdefaults on my usb system, but that didn't work either)?
  Last edited by 1311219 (2007-03-24 12:05:13)

  1311219 wrote:Thanks! now I only have to find a way to change the default colors in gtk... I suppose it's similar to xrdb(I saw something about an gtk.rc.mine file somewhere)?
  Most people use themes like those on Gnome-look. The theme syntax is human-readable, so download one you like and tweak it to use your custom colors.
  You can switch GTK themes using a program like gtk-chtheme (in community).
  btw/OffTopic: OO.org looks a bit different when it uses gtk, what does it use normally(or is it just different themes?)?
  AFAIK it uses its own custom cross-platform toolkit. Actually, it always uses the custom toolkit, but the FORCE_DESKTOP variable makes it try to copy your GTK (or QT if you set it to "kde") look. It doesn't manage 100% integration, the menubars and dialogs still look a little "off." Firefox and Thunderbird use a similar tactic, but always copy GTK.
  Last edited by skymt (2007-03-23 20:36:11)

• KDE4.1 ssh-agent and gpg-agent

  Suddenly after an update of kdeworkspace my ssh-agent and gpg-agent have stopped working. Does anyone else have also this problem?
  Regards,

  I've also had this problem, although I don't know the exact time it stopped working as I have not had to use my laptop to ssh for a while.
  Everything seems to get created OK - the socket is created:
  [daren@daren_laptop env]$ ll /tmp/gpg-MZi0kX/
  total 0
  srwxr-xr-x 1 daren daren 0 2009-01-18 10:06 S.gpg-agent
  and the env variable points to it:
  [daren@daren_laptop env]$ env | grep GPG
  GPG_AGENT_INFO=/tmp/gpg-MZi0kX/S.gpg-agent:4508:1
  and the agent is running on the correct pid:
  [daren@daren_laptop env]$ ps axf | grep gpg-agent
  4508 ? Ss 0:00 gpg-agent --daemon
  4902 pts/0 R+ 0:00 \_ grep gpg-agent
  If i run ssh-add from the command line, I get this:
  [daren@daren_laptop env]$ ssh-add
  Could not open a connection to your authentication agent.
  [daren@daren_laptop env]$
  I'm not that clued up on using the agent - it's always "just worked" after adding the script to ~/.kde4/env, but I'm kind of stuck now.  There was another post about issues with KDE 4.1 and the agents, but they resolved theirs by doing what I've had setup for a while now.

• Kmail and gpg-agent

  as we have now gpg-agent in the repos, i just wondered why kmail do not work with it
  i did everything from http://kmail.kde.org/kmail-pgpmime-howto.html
  but still kmail is opening the dialogue to type the passphrase and kgpg is complaining now this:
  i'm starting gpg-agent from ~/.xinitrc with this line:
  gpg-agent --daemon
  and
  [damir@Asteraceae ~]$ ps -e | grep gpg-agent
  6628 ? 00:00:00 gpg-agent
  thanx in advance for any help

  tpowa wrote:strange you also did that pinentry stuff?
  i have
  pinentry-program /usr/bin/pinentry-qt
  in ~/.gnupg/gpg-agent.conf, if you mean that ... maybe there is some other things to do?
  tpowa wrote:i didn't test the funcionality of gpg
  can someone do some reasearch on that
  kde 3.3.2 is round the corner would be great if it works till then
  yea, that would be nice ...
  well, without the gpg-agent (the classical way), gpg works fine, but it is not really cool having to type a long passphrase each time you send a signed email (especially, if you write lots of emails to lots of different peoples /day)
  here the dialogue i get always when i want to send an email (in kde 3.3.x the gpg-agent lines are new, but the dialogue itself is old (since 3.1.4 working fine the classical way))

• Script to clear cached gpg-agent passphrase?

  Hello,
  I recently setup enigmail with thunderbird so I can sign and encrypt email. I had an issue with the passphrase being cached by seahorse, and was unable to find a setting to change the time. Doing a lot of searching I found that setting "use-agent" in ~/.gnupg/gpg.conf and setting appropriate timeouts in ~/.gnupg/gpg-agent.conf was supposed to work. But after many, many failed attempts, I switched from gnome to xfce and got rid of seahorse (probably making this far more complicated than I needed to, but I like xfce, too). As soon as I did that the timeouts I set in gpg-agent.conf started working correctly. Currently using 300 seconds. I would like to extend this time to 10 or 20 minutes to save the password hassle while going through emails, but would like an "easy" way to clear the cached passphrase when I'm finished. I always lock my desktop when I'm away, but would prefer to know my signature and key passphrase is no longer cached when I get up.
  I found this in the kde wiki:
  killall gpg-agent    -stops all instances
  eval "$(gpg-agent --daemon)"     -will restart the agent
  gpg-agent status     -should tell you if the agent is running.
  If I execute eval "$(gpg-agent --daemon)" nothing seems to happen, I can click any message and it decrypts without asking for my passphrase (as long as the 5 minute timeout hasn't expired of course).
  If I kill gpg-agent, and then use eval "$(gpg-agent --daemon)" to start it back up, when I click on an encrypted message in thunderbird I get this error in the signature banner "Error - signature verification failed; click on 'Details' button for more information"
  OpenPGP security info reveals the following:
  Error - signature verification failed
  gpg command line and output:
  /usr/bin/gpg
  can't connect to `/tmp/gpg-ZoVzCT/S.gpg-agent': No such file or directory
  gpg: can't connect to `/tmp/gpg-ZoVzCT/S.gpg-agent': connect failed
  gpg: can't query passphrase in batch mode
  gpg: Invalid passphrase; please try again ...
  gpg: can't query passphrase in batch mode
  gpg: Invalid passphrase; please try again ...
  gpg: can't query passphrase in batch mode
  gpg: encrypted with 4096-bit RSA key, ID XXXXXXX, created 2012-XXXX
        "XXXXXX <XXXXXX>"
  gpg: encrypted with 4096-bit RSA key, ID XXXXXXX, created 2012-XXXX
        "XXXXXX <XXXXXX>"
  gpg: public key decryption failed: bad passphrase
  gpg: decryption failed: secret key not available
  Restarting thunderbird doesn't help. Restarting the computer fixes it. It looks like when gpg-agent starts it creates a gpg-RANDOM temp directory, and when I restart it that changes, but enigmail doesn't pick this up even after restarting thunderbird. How does it figure it out on a fresh start?
  Is there anyway to simply clear the gpg-agent cached passphrase and then be able to use it again (supply the password) without having to restart the computer?
  Thanks!

  Send a SIGHUP signal to the gpg-agent process. This will clear all stored passphrases.
  pkill -SIGHUP gpg-agent

• What's the relationship between Agent and JMX-instrumented applications?

  Hi, I'm a beginner of EM and JMX. I'm trying to integrate my application with EM. After reading some documents, I find I need to make my application JMX-instrumented first and then design the plug-in. But I'm still a little confused about the relationship between the Agent and the JMX-instrumented appliactions.
  Here is what I'm confused:
  1. Should the EM Agent be installed in the host where my JMX-instrumented application is installed? If this is true, then that will mean Agent cannot monitor the remote resource. But it sounds not reasonable.
  2. When making the application JMX-instrumented, we should use the platform MBeanServer or create our own MBeanServer? Do they have a major difference? and will it impact the plug-in design?
  Thanks in advance.

  Answers to your queries:
  1. Should the EM Agent be installed in the host where my JMX-instrumented application is installed? If this is true, then that will mean Agent cannot monitor the remote resource. But it sounds not reasonable.
  Its not necessary that EM Agent should be installed on the same host where JMX-instrumented application is/are installed. EM Agent has a fetchlet (named OJMX) that can be used. Refer to [Management Using Web Services and JMX|http://download.oracle.com/docs/cd/B19306_01/em.102/b16246/web_jmx.htm] for more details on emjmxcli tool, which can help to build the plug-in which can monitor the MBeans. [EM Extensibility Guide|http://download.oracle.com/docs/cd/B19306_01/em.102/b16246/toc.htm] contains all the details for building a plug-in.
  2. When making the application JMX-instrumented, we should use the platform MBeanServer or create our own MBeanServer? Do they have a major difference? and will it impact the plug-in design?
  To best of my knowledge, plug-in design doesn't get impacted