LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   gpg / gpg-agent -- Can't connect to /root/.gnupg/S.gpg-agent (http://www.linuxquestions.org/questions/linux-security-4/gpg-gpg-agent-cant-connect-to-root-gnupg-s-gpg-agent-611843/)

jrtayloriv 01-07-2008 05:22 PM

gpg / gpg-agent -- Can't connect to /root/.gnupg/S.gpg-agent
 
I am having trouble with gpg & gpg-agent. I ran

Code:

gpg --gen-key
And right after I input my name and email, it crashes with the following message:

Quote:

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

can't connect to `/root/.gnupg/S.gpg-agent': No such file or directory
gpg-agent[23478]: command get_passphrase failed: Operation cancelled

gpg: cancelled by user
gpg: Key generation canceled.
Any idea how I might fix this?

Thanks,
jrtayloriv

gilead 01-07-2008 06:17 PM

Have you tried creating the directory /root/.gnupg using mkdir (and possibly the S.gpg-agent file within it with touch)? The directory permissions should be 0700. Can you post the output of re-running the command once you've done that?

jrtayloriv 01-07-2008 08:23 PM

I did as you suggested. Now it just says:


Quote:

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

can't connect to `/root/.gnupg/S.gpg-agent': Connection refused
gpg-agent[25509]: command get_passphrase failed: Operation cancelled
gpg: cancelled by user
gpg: Key generation canceled.
Any other ideas? What is S.gpg-agent for?

gilead 01-07-2008 08:37 PM

I use GPG, bit not the agent. It turns out that S.gpg-agent is a socket (not a file which is what the touch command creates). The gpg-agent listens to gpg, intercepts requests for passphrases and supplies the info so you don't have to type your passphrase all the time.

How is gpg-agent started on your box? It looks like it's running since it's what generated the error. However, it also looks like it can't reference the required socket. Is there a file in /tmp that looks anything like S.gpg-agent? Therre's some info at https://bugs.g10code.com/gnupg/issue859 which may be related. I'd also recommend the info at http://www.gentoo.org/doc/en/gnupg-user.xml and http://www.linuxcertif.com/man/1/gpg-agent/

madyogi 03-23-2009 01:56 PM

Way of starting gpg-agent...
 
First recommend to use the saint
]$ man gpg-agent

Read it.

You will learn that gpg-agent should be started rather as daemon and only as a single pid. If you start looking the daemon start-up procedure inside your system of course, you won't find it (I didn't and it was Fedora 10). Well, First what I decided to do was to fallow the manual, so I did:

Code:

]$ vi $HOME/.bashrc
and added following lines into it:

Code:

# GPG-AGENT stuff
GET_TTY=`tty`
export $GET_TTY
$HOME/<somercdir>/gpg-agent-start.sh

Yes, you don't have the "gpg-agent-start.sh" file yet and there is no word about it in man! Here it is:

Code:

#!/bin/bash

# Decide wether to start gpg-agent daemon.
# Create necessary symbolic link in $HOME/.gnupg/S.gpg-agent

SOCKET=S.gpg-agent
PIDOF=`pidof gpg-agent`
RETVAL=$?

if [ "$RETVAL" -eq 1 ]; then
        echo "Starting gpg-agent daemon."
        eval `gpg-agent --daemon `
else
        echo "Daemon gpg-agent already running."
fi

# Nasty way to find gpg-agent's socket file...
GPG_SOCKET_FILE=`find /tmp/gpg-* -name $SOCKET`
echo "Updating socket file link."
cp -fs $GPG_SOCKET_FILE $HOME/.gnupg/S.gpg-agent

I'm not quite sure if there is a better way to quickly, find a place of a socket file. In my system it is placed randomly in /tmp/gpg-xxxxxxx/S.gpg-agent, where xxxxxxx are random characters.
If anyone know it please write it down...

Regards...

finley 12-01-2011 11:32 AM

SOLVED: S.gpg-agent issue w/simple commands
 
Quote:

Originally Posted by jrtayloriv (Post 3014986)
I did as you suggested. Now it just says:




Any other ideas? What is S.gpg-agent for?

It's a socket (fifo or named pipe) that gpg-agent uses to communicate. Certain Linux distros use the --no-use-standard-socket option to gpg-agent, causing it to look for this file specifically, instead of creating one automatically with a random name. Which means we need to create it manually.

Just do this:
Code:

# presumably you already have a .gnupg directory, but this won't hurt even if you do
mkdir -p -m 700 ~/.gnupg

# now let's create the socket.  The "p" below says make it a "pipe" (aka: fifo or socket)
mknod -m 700 ~/.gnupg/S.gpg-agent p

# And give gpg-agent a whirl:
gpg-agent --daemon


pbille 07-16-2014 02:26 PM

.gnupg/S.gpg-agent - No such file or directory
 
The man page writeup for gpg-agent is pretty good, succinct, addresses the problem and provides a solution:


~~~~~~~~~~~~~~~~~~~
$> man gpg-agent #a daemon to manage secret (private) keys independently
# from any protocol. It is used as a backend for gpg and gpgsm as well
# as for a couple of other utilities.
#Get the necessary information from gpg-agent
gpg-agent --daemon --enable-ssh-support --write-env-file "${HOME}/.gpg-agent-info"
#Create the necessary environment variables
if [ -f "${HOME}/.gpg-agent-info" ]; then
. "${HOME}/.gpg-agent-info"
export GPG_AGENT_INFO
export SSH_AUTH_SOCK
export SSH_AGENT_PID
fi
~~~~~~~~~~~~~~~~~~~~~~~~~~~


All times are GMT -5. The time now is 10:50 PM.