pinentry problems

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Apr 17 00:49:21 CEST 2018


On Tue 2018-04-17 00:04:11 +0200, Paul H. Hentze wrote:
>> gpg: WARNING: unsafe permissions on homedir '/home/giraffenhorde/.gnupg'
>
> So I fixed that with
>
>> chown -R "$USER:$(id -gn)" ~/.gnupg
>> chmod 700 ~/.gnupg
>> chmod 600 ~/.gnupg/*
>
> from here: https://superuser.com/a/954639

this doesn't look right to me.

in particular, it's going to remove the "execute/traverse" permission on
~/.gnupg/private-keys-v1.d/, which means that gpg-agent isn't going to
be able to get a list of all available secret keys.

Probably, you want to do the following (as your normal user account):

    find ~/.gnupg -type d -exec chmod 0700 '{}' ';'
    find ~/.gnupg -type f -exec chmod 0600 '{}' ';'

if you do that, then you should be able to see some files whose names
end in ".key" in ~/.gnupg/private-keys-v1.d/, like so:

    ls -l ~/.gnupg/private-keys-v1.d/*.key

if that's the case, then i recommend you ask your running gpg-agent to
shut down because it's probably confused:

   gpgconf --kill gpg-agent

a new gpg-agent should start up again afterward as soon as you need it.
you can also try to see which secret keys are available like this:

   gpg --with-keygrip --list-secret-keys

You should see that the keygrips listed match the files found in the
"ls" output above.

If that doesn't work for you, please report back and we'll try to debug
further :)

        --dkg