Avainsanana GnuPG

Possible upstream issues

22. maaliskuuta 2018 klo 16.28
Sijainti: Vianhallintajärjestelmät: Launchpad
Avainsanat: GnuPG

Possible upstream issues: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842015 -> https://dev.gnupg.org/T2818 (-> https://dev.gnupg.org/T2843#)

Vastaa viestiin sen kontekstissa (Launchpad)

Graphical prompt (pinentry-gnome3) invoked even when connected via ssh

22. maaliskuuta 2018 klo 16.09
Sijainti: Vianhallintajärjestelmät: Launchpad
Avainsanat: GnuPG

When I’m connected to my desktop computer via ssh, with the desktop computer’s desktop environment running and unlocked, trying to decrypt a gpg-encrypted file causes gpg-agent to invoke pinentry-gnome3 on the desktop. Assuming I’m physically elsewhere, I’m obviously unable to use the prompt on the desktop to enter the passphrase.

This happens despite both pinentry-tty and pinentry-curses being present on the desktop (in addition to pinentry-gnome3), and having GPG_TTY point to the correct tty (export GPG_TTY=$(tty)). Under these circumstances I’d expect gpg-agent to gracefully fall back to non-graphical alternatives.

Granted, I’ve so far only simulated being physically elsewhere by first ssh’ing out of the desktop, then back in again from the other end. If gpg-agent is using some kind of magic to detect that in reality I’m still physically on the desktop, then this report is invalid (although I’d still feel uneasy about such magic).

== Steps to reproduce ==
1. log in to desktop computer A
2. use another computer B to ssh in to the desktop computer
3. still physically on B, invoke `gpg -d encrypted.gpg` on A (over ssh)

== What happens ==
Graphical passphrase prompt pops up on A, while your ssh terminal on B waits

== What I expect to happen ==
For a non-graphical passphrase prompt (such as pinentry-tty or pinentry-curses) to appear on B’s ssh terminal

Vastaa viestiin sen kontekstissa (Launchpad)

Upstream (based on a merged duplicate)

22. maaliskuuta 2018 klo 15.04
Sijainti: Vianhallintajärjestelmät: Launchpad
Avainsanat: GnuPG

Upstream (based on a merged duplicate): https://dev.gnupg.org/T2011

Vastaa viestiin sen kontekstissa (Launchpad)

Interrupting pinentry-tty with ctrl-c leaves the terminal broken

22. maaliskuuta 2018 klo 15.02
Sijainti: Vianhallintajärjestelmät: Launchpad
Avainsanat: GnuPG

When pinentry-tty is used to prompt for the password, interrupting the prompt using ctrl-c leaves the terminal only partially working: only some letter keys are echoed back.

The terminal remains in this broken state for about a minute, after which it resets itself and everything starts working again.

Below, I’m swiping through all alphabet and numeric keys of my keyboard at both 14.54, where only ”469+esgxb” gets through, and again at 14.55 (the last line), where they all come through.

14.54 jani@saegusa:testejä$ export LC_ALL=C
14.54 jani@saegusa:testejä$ { sleep 60; echo ”60 seconds passed”; } & LC_ALL=C /usr/bin/gpg -d passwords.gpg
[1] 12375
gpg: AES encrypted data
Enter passphrase

gpg: signal Interrupt caught … exiting

14.54 jani@saegusa:testejä$ 469+esgxb^C
14.55 jani@saegusa:testejä$ 60 seconds passed

[1]+ Done { sleep 60; echo ”60 seconds passed”; }
14.55 jani@saegusa:testejä$ 1234567890+wertyuiopåasdfghjklöäzxcvbnm,.

Vastaa viestiin sen kontekstissa (Launchpad)