Bug#842207: mutt: Cannot decrypt PGP/GPG mails when logged in with ssh

[Marco Balmer]

I am not sure. But I maybe have a similar issue with mutt in a docker 
container.


Try to open an encrypted e-mail:
mutt -d 9
[...]
[2016-12-21 19:05:17] ../../commands.c:117: mutt_mktemp returns 
"/tmp/mutt-e1b91d2812e7-1000-82-14946964291865888962".

[2016-12-21 19:05:17] Entering pgp_encrypted handler
[2016-12-21 19:05:17] ../../crypt-gpgme.c:2599: mutt_mktemp returns 
"/tmp/mutt-e1b91d2812e7-1000-82-662739373908590924".

[2016-12-21 19:05:18] Could not decrypt PGP message
[2016-12-21 19:05:20] Leaving pgp_encrypted handler
[2016-12-21 19:05:20] Failed on attachment of type multipart/encrypted.
[2016-12-21 19:05:20] Bailing on attachment of type multipart/encrypted.
[2016-12-21 19:05:20] Could not copy message

Try to encrypt and send an e-mail:
mutt -d 9
[...]
[2016-12-21 19:09:16] ../../crypt-gpgme.c:441: mutt_mktemp returns 
"/tmp/mutt-e1b91d2812e7-1000-82-7616957182402111246".

[2016-12-21 19:09:16] error encrypting data: Permission denied


[1] https://github.com/micressor/dockerfiles/blob/master/mutt/Dockerfile
[2] NeoMutt 20161126 (1.7.1)

Thanks, Marco

Bug#842207: mutt: Cannot decrypt PGP/GPG mails when logged in with ssh

[Matthias Wimmer]

Package: mutt
Version: 1.7.1-2
Severity: normal

Whenever I try to read my e-mail remotely using ssh I cannot read any mail, that
is encrypted using PGP/GPG. Working locally there are no problems and everything
works fine.

My configuration also worked several months ago. After it broke I could fix it
by replacing all calls to gpg with calls to gpg1. But for some time now it is
even not possible to read my mails using gpg1.

When I try to open an encrypted mail, mutt shows me the following two messages
in its bottom most line one after another:

- Could not decrypt PGP message
- Could not copy message

After I quit mutt I can see additionally the following message on the console:

- GPGME: CMS protocol not available

I stripped down my mutt configuration and did verify that the problem also
occurs using this short one:

-
set folder=imaps://imap.mailbox.org/
set from="m...@me-engineering-m2m.de"
set arrow_cursor
set editor="vim -c \"set textwidth=72\""
set realname="Matthias Peter Wimmer"
set record=imaps://imap.mailbox.org/Sent
set spoolfile="imaps://imap.mailbox.org/"
mailboxes imaps://imap.mailbox.org/

set imap_user='m...@me-engineering-m2m.de'
set imap_pass='' # removed in the bug report ;-)
set imap_idle=yes
set certificate_file=~/.muttcerts

set pgp_sign_as = CAECA12DCE2337A66DFD17B07AC7631D70D6C898
source ~/.mutt/gpg.rc
-

~/.mutt/gpg.rc is a copy of the example configuration in
/usr/share/doc/mutt/examples/gpg.rc
It makes no difference whether I use a completely unchanged version of this file
or whether I add 'set pgp_use_gpg_agent=yes' to it.



-- Package-specific info:
NeoMutt 20161014 (1.7.1)
Copyright (C) 1996-2016 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.

System: Linux 4.5.0-2-amd64 (x86_64)
libidn: 1.33 (compiled with 1.33)
hcache backend: tokyocabinet 1.4.48

Compiler:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/6/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 6.2.0-6' 
--with-bugurl=file:///usr/share/doc/gcc-6/README.Bugs 
--enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr 
--program-suffix=-6 --program-prefix=x86_64-linux-gnu- --enable-shared 
--enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext 
--enable-threads=posix --libdir=/usr/lib --enable-nls --with-sysroot=/ 
--enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes 
--with-default-libstdcxx-abi=new --enable-gnu-unique-object 
--disable-vtable-verify --enable-libmpx --enable-plugin --with-system-zlib 
--disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo 
--with-java-home=/usr/lib/jvm/java-1.5.0-gcj-6-amd64/jre --enable-java-home 
--with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-6-amd64 
--with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-6-amd64 
--with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar 
--enable-objc-gc --enable-multiarch -
 -with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 
--enable-multilib --with-tune=generic --enable-checking=release 
--build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 6.2.0 20161010 (Debian 6.2.0-6) 

Configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' 
'--includedir=\${prefix}/include' '--mandir=\${prefix}/share/man' 
'--infodir=\${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' 
'--disable-silent-rules' '--libdir=\${prefix}/lib/x86_64-linux-gnu' 
'--libexecdir=\${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' 
'--disable-dependency-tracking' '--with-mailpath=/var/mail' 
'--enable-compressed' '--enable-debug' '--enable-fcntl' '--enable-hcache' 
'--enable-gpgme' '--enable-imap' '--enable-smtp' '--enable-pop' 
'--enable-sidebar' '--enable-nntp' '--enable-notmuch' '--disable-fmemopen' 
'--with-curses' '--with-gnutls' '--with-gss' '--with-idn' '--with-mixmaster' 
'--with-sasl' '--without-gdbm' '--without-bdb' '--without-qdbm' 
'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 
-fdebug-prefix-map=/build/mutt-5diptr/mutt-1.7.1=. -fPIE 
-fstack-protector-strong -Wformat -Werror=format-security' 'LDFLAGS=-fPIE -pie 
-Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORT
 IFY_SOURCE=2'

Compilation CFLAGS: -Wall -pedantic -Wno-long-long -g -O2 
-fdebug-prefix-map=/build/mutt-5diptr/mutt-1.7.1=. -fPIE 
-fstack-protector-strong -Wformat -Werror=format-security 
-fno-delete-null-pointer-checks

Compile options:
+CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME 
+DEBUG +DL_STANDALONE +ENABLE_NLS -EXACT_ADDRESS -HOMESPOOL -LOCALES_HACK 
-SUN_ATTACHMENT +HAVE_BKGDSET +HAVE_COLOR +HAVE_CURS_SET