command 'LEARN' failed: No inquire callback in IPC
Rogers, Dustin
Dustin.Rogers at capitalone.com
Mon May 15 19:00:24 CEST 2017
Hi GnuPG community:
I have recently installed gnupg 2.1.20 from source on a centos6.8 box. For some reason I cannot get the pinentry prompt to appear on the terminal with this newest version.
gpg-connect-agent works as expected and asks for the PIN, but gpg-agent will not.
I have configured the gpg-agent.conf to use pinentry-curses
Here is output from gpg --card-edit
[root at system1 ~]# gpg --card-edit
gpg-agent[5158]: DBG: chan_8 -> OK Pleased to meet you, process 5159
gpg-agent[5158]: DBG: chan_8 <- RESET
gpg-agent[5158]: DBG: chan_8 -> OK
gpg-agent[5158]: DBG: chan_8 <- OPTION ttyname=/dev/pts/0
gpg-agent[5158]: DBG: chan_8 -> OK
gpg-agent[5158]: DBG: chan_8 <- OPTION ttytype=xterm
gpg-agent[5158]: DBG: chan_8 -> OK
gpg-agent[5158]: DBG: chan_8 <- OPTION lc-ctype=en_US.UTF-8
gpg-agent[5158]: DBG: chan_8 -> OK
gpg-agent[5158]: DBG: chan_8 <- OPTION lc-messages=en_US.UTF-8
gpg-agent[5158]: DBG: chan_8 -> OK
gpg-agent[5158]: DBG: chan_8 <- GETINFO version
gpg-agent[5158]: DBG: chan_8 -> D 2.1.20
gpg-agent[5158]: DBG: chan_8 -> OK
gpg-agent[5158]: DBG: chan_8 <- OPTION allow-pinentry-notify
gpg-agent[5158]: DBG: chan_8 -> OK
gpg-agent[5158]: DBG: chan_8 <- OPTION agent-awareness=2.1.0
gpg-agent[5158]: DBG: chan_8 -> OK
gpg-agent[5158]: DBG: chan_8 <- SCD GETINFO version
gpg-agent[5158]: no running SCdaemon - starting it
gpg-agent[5158]: DBG: chan_9 <- OK PKCS#11 smart-card server for GnuPG ready
gpg-agent[5158]: DBG: first connection to SCdaemon established
gpg-agent[5158]: DBG: chan_9 -> GETINFO socket_name
gpg-agent[5158]: DBG: chan_9 <- D /tmp/gnupg-pkcs11-scd.uTRBtO/agent.S
gpg-agent[5158]: DBG: chan_9 <- OK
gpg-agent[5158]: DBG: additional connections at '/tmp/gnupg-pkcs11-scd.uTRBtO/agent.S'
gpg-agent[5158]: DBG: chan_9 -> OPTION event-signal=12
gpg-agent[5158]: DBG: chan_9 <- OK
gpg-agent[5158]: DBG: chan_9 -> GETINFO version
gpg-agent[5158]: DBG: chan_9 <- D 0.7.5
gpg-agent[5158]: DBG: chan_9 <- OK
gpg-agent[5158]: DBG: chan_8 -> D 0.7.5
gpg-agent[5158]: DBG: chan_8 -> OK
gpg: WARNING: server 'scdaemon' is older than us (0.7.5 < 2.1.20)
gpg-agent[5158]: DBG: chan_8 <- SCD SERIALNO openpgp
gpg-agent[5158]: DBG: chan_9 -> SERIALNO openpgp
gpg-agent[5158]: DBG: chan_9 <- S SERIALNO D2760001240111504B43532331311111 0
gpg-agent[5158]: DBG: chan_8 -> S SERIALNO D2760001240111504B43532331311111 0
gpg-agent[5158]: DBG: chan_9 <- OK
gpg-agent[5158]: DBG: chan_8 -> OK
gpg-agent[5158]: DBG: chan_8 <- LEARN --sendinfo
gpg-agent[5158]: DBG: chan_9 -> LEARN --force
gpg-agent[5158]: DBG: chan_9 <- S SERIALNO D2760001240111504B43532331311111 0
gpg-agent[5158]: DBG: chan_9 <- S APPTYPE PKCS11
gpg-agent[5158]: DBG: chan_9 <- INQUIRE NEEDPIN PIN required for token 'gnupg-par1HA' (try 0)
gpg-agent[5158]: DBG: chan_9 -> END
gpg-agent[5158]: DBG: chan_9 <- OK
gpg-agent[5158]: DBG: agent_card_learn failed: No inquire callback in IPC
gpg-agent[5158]: command 'LEARN' failed: No inquire callback in IPC
gpg-agent[5158]: DBG: chan_8 -> ERR 67109130 No inquire callback in IPC <GPG Agent>
gpg: OpenPGP card not available: No inquire callback in IPCI have tried to set the GPG_TTY variable, but I still don't get the PIN prompt. GPG_TTY=`tty`
I have this working with manual pinentry in a gnupg 2.0 environment, but eventually I would like to use the unattended pinentry-mode loopback, which seems to be available in the gnupg 2.1.20 version only. I am trying to automate batch operations of gpg.
Thus, SCD LEARN will dutifully prompt for PIN when I launch the gpg-agent alongside the gpg-connect-agent like this:
gpg-agent --debug-level=guru --debug 1024 --debug-pinentry --pinentry-program=/usr/bin/pinentry-curses --daemon gpg-connect-agent
But SCD LEARN does not dutifully prompt for PIN, if I launch without the gpg-connect-agent
gpg-agent --debug-level=guru --debug 1024 --debug-pinentry --pinentry-program=/usr/bin/pinentry-curses --daemon
I have a feeling I have a small configuration error, or am not understanding something. But I have reviewed bug reports which seem similar to this issue I am having also. Can anyone tell me why the gpg-connect-agent can invoke the pinentry, but gpg-agent cannot? I am trying su'd as root, but I have the same issue when Im not su as root.
Thank you,
-Dustin Rogers
________________________________________________________
The information contained in this e-mail is confidential and/or proprietary to Capital One and/or its affiliates and may only be used solely in performance of work or services for Capital One. The information transmitted herewith is intended only for use by the individual or entity to which it is addressed. If the reader of this message is not the intended recipient, you are hereby notified that any review, retransmission, dissemination, distribution, copying or other use of, or taking of any action in reliance upon this information is strictly prohibited. If you have received this communication in error, please contact the sender and delete the material from your computer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20170515/d4c76b97/attachment-0001.html>
More information about the Gnupg-users
mailing list