Using GnuPG when switching users
Dan Horne
dan.horne at redbone.co.nz
Mon Jan 29 03:44:56 CET 2018
Hi
I'm using GnuPG 2.0.29 on Solaris. This specific version is being used
because it's the only one we could get installed and working.
I'm trying to generate keys from a user I have su'd to, but I get the
following error:
gpg-agent[23024]: command get_passphrase failed: Permission denied
gpg: problem with the agent: Permission denied
gpg: Key generation canceled.
I believe that thus occurs because when pinentry-curses is invoked by
gpg-agent, the tty is owned by the original user I logged into via SSH, not
the user I switched to via su.
I've seen various workarounds online, but most are relevant to GNU/Linux,
not Solaris (e.g. run the "script" command with the -c option, which
doesn't exist on Solaris). Others have suggested using the loopback
pinentry-mode, which doesn't seem to exist in version 2.0.29 of gpg-agent ,
as far as I can tell.
Has someone got a workaround? I need to be able to use "su" as we are not
allowed to log into the user directly. I'm also stuck with Solaris and the
specified version of GnuPG
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180129/e03766d8/attachment.html>
More information about the Gnupg-users
mailing list