On Sun, 20 Aug 2006 07:21, Dylan Vaughn said: > The issue is that after I start gpg-agent for one user, it does not work > for any other user on my machine. For example, after I do an initial
Well, you need to start it for each user. > subsequent decrypt calls, then when I switch to a different user on my > machine and try to do the same thing gpg-agent doesn't prompt me for my > passphrase on the initial attempt and instead gives me this message: > > [EMAIL PROTECTED]:~/test$ eval "$(gpg-agent --daemon)" > [EMAIL PROTECTED]:~/test$ gpg -o clear.txt -d test.txt.asc The invocation og gpg-agent may have failed. You better run gpg-agent this way for testing: gpg-agent --daemon it should emit the the following lines: GPG_AGENT_INFO=/tmp/gpg-3JMzhv/S.gpg-agent:32230:1; export GPG_AGENT_INFO; SSH_AUTH_SOCK=/tmp/gpg-gA6FYU/S.gpg-agent.ssh; export SSH_AUTH_SOCK; SSH_AGENT_PID=32230; export SSH_AGENT_PID; The SSH lines are because I have enable-ssh-support in my gpg-agent.conf. That is what the eval evaluates. Now cut+paste the GPG_AGENT_INFO line into the shell to manually do the eval. Then you can test whether it works: $ gpg-connect-agent enter for example GET_CONFIRMATION foo and the pinentry will appear to ask you about foo. Click on OK and you will seethe OK :-). Ctrl-D terminates gpg-connect-agent. You may run it with the option --verbose to see sonme diagnostics. The best way to debug it is by invoking gpg in a different way: $ gpg-agent --daemon --debug 1024 /bin/sh gpg-agent[32264]: reading options from `/home/test/.gnupg/gpg-agent.conf' gpg-agent[32264]: listening on socket `/tmp/gpg-g4KTHx/S.gpg-agent' gpg-agent[32264]: listening on socket `/tmp/gpg-MxP8eV/S.gpg-agent.ssh' This runs a shell under the control of the gpg-agent and also sets up the environment variables. How you may use gpg --use-agent at this shell but we want to try it manually: sh-3.00$ gpg-connect-agent gpg-agent[32265]: handler 0x808cae0 for fd 0 started gpg-agent[32265.0x808cde8] DBG: -> OK Pleased to meet you gpg-agent[32265.0x808cde8] DBG: <- RESET gpg-agent[32265.0x808cde8] DBG: -> OK gpg-agent[32265.0x808cde8] DBG: <- OPTION display=localhost:11.0 gpg-agent[32265.0x808cde8] DBG: -> OK gpg-agent[32265.0x808cde8] DBG: <- OPTION ttyname=/dev/pts/2 gpg-agent[32265.0x808cde8] DBG: -> OK gpg-agent[32265.0x808cde8] DBG: <- OPTION ttytype=xterm gpg-agent[32265.0x808cde8] DBG: -> OK gpg-agent[32265.0x808cde8] DBG: <- OPTION lc-ctype=en_US gpg-agent[32265.0x808cde8] DBG: -> OK gpg-agent[32265.0x808cde8] DBG: <- OPTION lc-messages=C gpg-agent[32265.0x808cde8] DBG: -> OK Here we have connected succesfully to the agent and the inital handshake has been done. "debug 1024" let you see all this. Now we enter: GET_CONFIRMATION bar and gpg-agent does its magic: gpg-agent[32265.0x808cde8] DBG: <- GET_CONFIRMATION bar gpg-agent[32265]: starting a new PIN Entry gpg-agent[32265]: DBG: connection to PIN entry established gpg-agent[32265]: command get_confirmation failed: Not confirmed gpg-agent[32265.0x808cde8] DBG: -> ERR 67108978 Not confirmed <GPG Agent> Well I clicked on cancel and gpg-agent returned ERR 67108978 Not confirmed <GPG Agent> the status code for cancel gpg-agent[32265.0x808cde8] DBG: <- [EOF] gpg-agent[32265]: handler 0x808cae0 for fd 0 terminated gpg-connect-agent has disconnected from the agent. and we want to terminate the agent too: sh-3.00$ exit exit $ gpg-agent[32265]: parent process died - shutting down gpg-agent[32265]: gpg-agent (GnuPG) 1.9.23-svn4218 stopped gpg-agent[32265]: secmem usage: 0/16384 bytes in 0 blocks System is clean again and ready for another test ;-) I hope this helps to understand how the agaent works. The actual command gpg uses to get the passphrase is: GET_PASSPHRASE X X X X (enter the X verbatim). You should also read the manual where the installation of the gpg-agent ins described. The manual is in info format, thus enter "info gnupg". The next version will also come with man pages automatically created from the Texinfo source. Shalom-Salam, Werner _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
