Rectify agent/client mismatch 2.2.27/2.3.3

John Soo johh.soo at arista.com
Mon Oct 7 20:28:26 CEST 2024


Posted on discourse but seems like the list is the right place to ask:

I have a client at 2.3 and a gpg-agent at 2.2.27 connected via ssh
remote forwarding. However I cannot list secret keys (see detail). Is
there a way for me to put this client into an accessibility mode so
that the older agent will recognize the IPC commands? It is very hard
for me to upgrade either client or agent in this case.

https://forum.gnupg.org/t/rectify-agent-client-mismatch-listing-secret-keys-with-forwarded-agent/5789

Output follows, thank you!

--- John

$ gpg --list-secret-keys --debug lookup,ipc,filter
gpg: reading options from '[cmdline]'
gpg: enabled debug flags: filter ipc lookup
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: FIRST
gpg: DBG: internal_keydb_search: searching keybox (resource 0 of 1)
gpg: DBG: internal_keydb_search: searched keybox (resource 0 of 1) => Success
gpg: DBG: chan_5 <- OK Pleased to meet you, process 35850
gpg: DBG: connection to the gpg-agent established
gpg: DBG: chan_5 -> RESET
gpg: DBG: chan_5 <- OK
gpg: DBG: chan_5 -> OPTION ttyname=/dev/pts/0
gpg: DBG: chan_5 <- ERR 67109115 Forbidden <GPG Agent>
gpg: DBG: chan_5 -> GETINFO restricted
gpg: DBG: chan_5 <- OK
gpg: DBG: chan_5 -> GETINFO version
gpg: DBG: chan_5 <- D 2.2.27
gpg: DBG: chan_5 <- OK
gpg: WARNING: server 'gpg-agent' is older than us (2.2.27 < 2.3.3)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
gpg: DBG: chan_5 -> OPTION allow-pinentry-notify
gpg: DBG: chan_5 <- ERR 67109115 Forbidden <GPG Agent>
gpg: DBG: chan_5 -> OPTION agent-awareness=2.1.0
gpg: DBG: chan_5 <- OK
gpg: DBG: chan_5 -> HAVEKEY --list=1000
gpg: DBG: chan_5 <- ERR 67109144 IPC parameter error <GPG Agent> -
invalid hexstring
gpg: problem with fast path key listing: IPC parameter error - ignored
gpg: DBG: chan_5 -> HAVEKEY <key1> <key2> <key3>
gpg: DBG: chan_5 <- ERR 67108881 No secret key <GPG Agent>
gpg: DBG: keydb_search: 1 search descriptions:
gpg: DBG: keydb_search   0: NEXT
gpg: DBG: internal_keydb_search: searching keybox (resource 0 of 1)
gpg: DBG: internal_keydb_search: searched keybox (resource 0 of 1) => EOF
gpg: secmem usage: 0/65536 bytes in 0 blocks



More information about the Gnupg-users mailing list