Once I had Qubes up and running with Thunderbird and enough basics to be able, more or less, use it as my main computing platform, I setup Split GPG and installed the Enigmail extension. At first it appeared to work fine as I was able to send signed email messages with my public key attached. However, it soon stopped working. I am now trying to resolve this issue.
So far I have been unsuccessful, so am appealing for assistance/pointers. That means providing rather a lot of information, but if you would bear with me, I would be grateful. By the way, Screenshot in an appVM (Fedora-29) just gives me a white rectangle when I view the saved image :-( That is why I have typed in almost all the information below (in most cases I could not use copy-and-paste). System Qubes R4.0.1 with all updates applied. Thunderbird 60.3.1 All Split-GPG parts installed (or it would not have worked in the first place) The Problem When I click Ctrl+Enter (to send the message), I get a pop up dialog request from the vault appVM, "Do you allow VM 'personal' to access your GPG keys..." I click "Yes" and there is a momentary notification that the keyring is being accessed (is there any way to make the notification persist longer than the 1 or 2 seconds it pops up for as it is almost impossible to both notice it and actually read it?). As best I could read it, it said: "Keyring access from domain personal". Then the following dialog box pops up: ==================== [personal] Enigmail Information Send operation aborted. The configured key ID "0x6EC..." cannot be found on your keyring. ==================== Configuration Here are some configuration files: [dom0] /etc/qubes-rpc/policy/qubes.Gpg (why the capital G?) ==================== personal vault allow $anyvm $anyvm ask ==================== [personal] /tw/config/gpg-split-domain ==================== vault ==================== [vault] ~/.bash_profile ==================== # .bash_profile # Get the aliases and functions if [ -f ~/.bashrc ]; then . ~/.bashrc fi # User specific environment and startup programs QUBES_GPG_AUTOACCEPT=86400 ==================== Note: The above appears to have no effect on the request for permission which still states the default 300 seconds (and appears to honour the 300 seconds). Other Debugging [vault] terminal ==================== [user@vault ~]$ gpg --list-secret-keys /home/user/.gnupg/pubring.gpg ----------------------------- sec rsa2048 2019-01-11 [SCEA] 0E98... 6837 uid [ultimate] John R. Goold <jrg.pub...@goold.net> ssb rsa2048 2019-01-11 [SEA] [user@vault ~]$ ==================== What is bizarre is that if I use "gpg --list-keys", the output is identical, which makes very little sense to me. I tried gpg2 but it gives the same result (not surprising as I deleted gpg and created gpg as a symbolic link to gpg2 (this was in an attempt to guess why things were going wrong). [personal] terminal ==================== [user@personal ~]$ qubes-gpg-client -K /home/user/.gnupg/pubring.gpg ----------------------------- sec rsa2048 2019-01-11 [SCEA] 0E98.. 6837 uid [ultimate] John R. Goold <jrg.pub...@goold.net> ssb rsa2048 2019-01-11 [SEA] [user@personal ~]$ ==================== Note: After issuing the qubes-gpg-client command, there was a pop-dialog box asking for permission. Following the advice in a thread in the qubes-users forum, I launched Thunderbird, deactivated and then deleted Enigmail. I then used Software in the template VM to install Enigmail. That did not change the result when attempting to send mail. The only other thing of significance is that I changed the template VM for my personal (and personal-projects) VM from Debian to Fedora for consistency. However, that change did not coincide with the Enigmail/Split-GPG problem. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c7c9b8a4-22b8-478d-b780-b9a5f64ae7bf%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.