Re: [OpenIndiana-discuss] GPG2 on OI
- Op 27 sep 2021 om 11:09 schreef Discussion list for OpenIndiana openindiana-discuss@openindiana.org: > > Thanks for the response David, I really appreciate it. I'm glad to see > it's not just my install. It is also possible to setup a test VM (for example with "vagrant") and make a new VM (scratch new environment) and install GPG2 and see that it hangs there. However it is possible that my command : gpg2 --gen-key is the wrong command, although I thought that was the way to generate keys. I'm no gpg expert. >> What I do as workaround is use "loopback" mode, I'm not sure whether you >> tried that, from reading your posting I think you may have already tried >> that : > > I hadn't, but I gave it a try and did get gpg2 to prompt for a passphrase, > but as you've also experienced, it hangs after accepting the passphrase. It is possible to compile the old GPG (not gpg2) vagrant@openindiana:~/gnupg-1.4.23$ gpg --version gpg (GnuPG) 1.4.23 Copyright (C) 2015 Free Software Foundation, Inc. with that old and unsupported "end of life" version, it still works to generate keys (old style) gpg: /export/home/vagrant/.gnupg/trustdb.gpg: trustdb created public and secret key created and signed. With gpg 1.4.23 (which fortunately still compiles fine on the latest OpenIndiana) the command : gpg --gen-key works for me. However there is a world of difference between those old versions and the new GPG 2.x series, so this probably does not provide a lot of value. It is perhaps possible to try out older versions and find a solution, I'd be interested if you find a solution and are willing to share it ! Thanks, David Stes ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org https://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] GPG2 on OI
In regard to: Re: [OpenIndiana-discuss] GPG2 on OI, s...@pandora.be said...: I can confirm I've had for the last months some annoying (blocking!) issues with GPG2 on OI, but some issues also happen on other operating systems (pin entry related), so this may be a GPG2 issue, and not an OI issue. Anyway ... Thanks for the response David, I really appreciate it. I'm glad to see it's not just my install. What I do as workaround is use "loopback" mode, I'm not sure whether you tried that, from reading your posting I think you may have already tried that : I hadn't, but I gave it a try and did get gpg2 to prompt for a passphrase, but as you've also experienced, it hangs after accepting the passphrase. My debugging seems to indicate that the pinentry programs work as expected. I don't think either pinentry-gtk-2 or pinentry-curses are to blame, because if I run one directly, like: /usr/lib/pinentry-curses and then enter the following commands (use the 'tty' command to get your correct ttyname first, each command should result in an OK response): SETTITLE This is my title OPTION ttyname=/dev/pts/5 OPTION ttytype=vt100 OPTION lc-ctype=en_US.UTF-8 SETPROMPT Enter your Passphrase: SETDESC Passphrase to get more Cookies! GETPIN Once you issue the GETPIN, it should draw the dialog and let you enter a passphrase, which it will echo back to you after you press enter. I've tried truss with various operations and it seems like gpg2 is having trouble communicating over the UNIX socket with the running agent. I've also discovered that after one of these apparently failed communications, the gpg-agent process starts accumulating CPU time at a rapid rate. I've also found when that happens that gpgconf --kill gpg-agent does not work. $ gpg2 --pinentry-mode loopback --gen-key Currently I have installed version 2.3.2 $ gpg2 --version gpg (GnuPG) 2.3.2 libgcrypt 1.9.4 Same versions I'm using. This comes from $ pkg list gnupg libgcrypt NAME (PUBLISHER) VERSIONIFO crypto/gnupg 2.3.2-2020.0.1.0 i-- system/library/security/libgcrypt 1.9.4-2020.0.1.0 i-- Unfortunately even if I use "loopback" mode GPG2 is not working for me on OI. For example when I try $ gpg2 --pinentry-mode loopback --gen-key It hangs on: We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. After a while I abort, no key is generated for me ... It hangs for me after multiple different operations too, including decrypting a text file that was encrypted for my ID on a different system. Anyway, thanks for confirming you're seeing similar issues. I'll report back to the mailing list if I make any progress debugging it. Tim -- Tim Mooney tim.moo...@ndsu.edu Enterprise Computing & Infrastructure / Division of Information Technology/701-231-1076 (Voice) North Dakota State University, Fargo, ND 58105-5164 ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org https://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] GPG2 on OI
Hi, I can confirm I've had for the last months some annoying (blocking!) issues with GPG2 on OI, but some issues also happen on other operating systems (pin entry related), so this may be a GPG2 issue, and not an OI issue. Anyway ... What I do as workaround is use "loopback" mode, I'm not sure whether you tried that, from reading your posting I think you may have already tried that : $ gpg2 --pinentry-mode loopback --gen-key Currently I have installed version 2.3.2 $ gpg2 --version gpg (GnuPG) 2.3.2 libgcrypt 1.9.4 This comes from $ pkg list gnupg libgcrypt NAME (PUBLISHER) VERSIONIFO crypto/gnupg 2.3.2-2020.0.1.0 i-- system/library/security/libgcrypt 1.9.4-2020.0.1.0 i-- Unfortunately even if I use "loopback" mode GPG2 is not working for me on OI. For example when I try $ gpg2 --pinentry-mode loopback --gen-key It hangs on: We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. After a while I abort, no key is generated for me ... David Stes - Op 27 sep 2021 om 4:51 schreef Discussion list for OpenIndiana openindiana-discuss@openindiana.org: > All- > > Anyone else using GnuPG on OI? I'm seeing some strange/broken behavior > somewhere between gpg2, gpg-agent, and pinentry. I'm wondering if it's > something with my install (or environment), or if others are having issues > too. > > Basically, when gpg2 does something that needs a passphrase, it's supposed > to contact the gpg-agent, auto-starting it if necessary, and then the > gpg-agent uses one of the pinentry programs for the actual prompting. > > When I try ssh into my OI workstation and use gpg2, whatever is going on > causes the (curses) pinentry screen to be blank. > > I know it's not a problem with pinentry-curses, because I can interact > with it directly and send the necessary "commands" via the "assuan" > protocol to get it to display a password prompt window and correctly > collect a password. > > I've also had problems with gpg2 hanging and not exiting even after some > operations. > > I'm just wondering if anyone else is seeing similar issues, or if I need > to look more closely at what might be wrong with my environment. > > Thanks, > > Tim > -- > Tim Mooney tim.moo...@ndsu.edu > Enterprise Computing & Infrastructure / > Division of Information Technology/701-231-1076 (Voice) > North Dakota State University, Fargo, ND 58105-5164 > > ___ > openindiana-discuss mailing list > openindiana-discuss@openindiana.org > https://openindiana.org/mailman/listinfo/openindiana-discuss ___ openindiana-discuss mailing list openindiana-discuss@openindiana.org https://openindiana.org/mailman/listinfo/openindiana-discuss