gpg / gpg-agent -- Can't connect to /root/.gnupg/S.gpg-agent

jrtayloriv · 01-07-2008, 05:22 PM

I am having trouble with gpg & gpg-agent. I ran

Code:

gpg --gen-key

And right after I input my name and email, it crashes with the following message:

Quote:

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

can't connect to `/root/.gnupg/S.gpg-agent': No such file or directory
gpg-agent[23478]: command get_passphrase failed: Operation cancelled
gpg: cancelled by user
gpg: Key generation canceled.

Any idea how I might fix this?

Thanks,
jrtayloriv

gilead · 01-07-2008, 06:17 PM

Have you tried creating the directory /root/.gnupg using mkdir (and possibly the S.gpg-agent file within it with touch)? The directory permissions should be 0700. Can you post the output of re-running the command once you've done that?

jrtayloriv · 01-07-2008, 08:23 PM

I did as you suggested. Now it just says:

Quote:

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

can't connect to `/root/.gnupg/S.gpg-agent': Connection refused
gpg-agent[25509]: command get_passphrase failed: Operation cancelled
gpg: cancelled by user
gpg: Key generation canceled.

Any other ideas? What is S.gpg-agent for?

gilead · 01-07-2008, 08:37 PM

I use GPG, bit not the agent. It turns out that S.gpg-agent is a socket (not a file which is what the touch command creates). The gpg-agent listens to gpg, intercepts requests for passphrases and supplies the info so you don't have to type your passphrase all the time.

How is gpg-agent started on your box? It looks like it's running since it's what generated the error. However, it also looks like it can't reference the required socket. Is there a file in /tmp that looks anything like S.gpg-agent? Therre's some info at https://bugs.g10code.com/gnupg/issue859 which may be related. I'd also recommend the info at http://www.gentoo.org/doc/en/gnupg-user.xml and http://www.linuxcertif.com/man/1/gpg-agent/

madyogi · 03-23-2009, 01:56 PM

First recommend to use the saint
]$ man gpg-agent

Read it.

You will learn that gpg-agent should be started rather as daemon and only as a single pid. If you start looking the daemon start-up procedure inside your system of course, you won't find it (I didn't and it was Fedora 10). Well, First what I decided to do was to fallow the manual, so I did:

Code:

]$ vi $HOME/.bashrc

and added following lines into it:

Code:

# GPG-AGENT stuff
GET_TTY=`tty`
export $GET_TTY
$HOME/<somercdir>/gpg-agent-start.sh

Yes, you don't have the "gpg-agent-start.sh" file yet and there is no word about it in man! Here it is:

Code:

#!/bin/bash

# Decide wether to start gpg-agent daemon.
# Create necessary symbolic link in $HOME/.gnupg/S.gpg-agent

SOCKET=S.gpg-agent
PIDOF=`pidof gpg-agent`
RETVAL=$?

if [ "$RETVAL" -eq 1 ]; then
	echo "Starting gpg-agent daemon."
	eval `gpg-agent --daemon `
else
	echo "Daemon gpg-agent already running."
fi

# Nasty way to find gpg-agent's socket file...
GPG_SOCKET_FILE=`find /tmp/gpg-* -name $SOCKET`
echo "Updating socket file link."
cp -fs $GPG_SOCKET_FILE $HOME/.gnupg/S.gpg-agent

I'm not quite sure if there is a better way to quickly, find a place of a socket file. In my system it is placed randomly in /tmp/gpg-xxxxxxx/S.gpg-agent, where xxxxxxx are random characters.
If anyone know it please write it down...

Regards...