--- Begin Message ---
Subject: Cannot generate key pair with GnuPG
Date: Wed, 24 Jul 2019 06:00:44 -0400
Hello Guix!
The current gnupg package in guix has "pinentry" as a missing
dependency.
Because of this, GnuPG throws the following error upon attempting to
generate key pairs:
gpg: agent_genkey failed: No pinentry
gpg: key generation failed: No pinentry
So it appears, unless the above mentioned dependency issue is fixed,
one cannot create gpg key pairs. :(
Regards,
RG.
--- End Message ---
--- Begin Message ---
Subject: Re: bug#24076: gnupg [-agent]: when signing [commits], it claims that there is no pinentry - but there is
Date: Thu, 26 Mar 2020 13:09:40 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)
Hi!
address@hidden (Ludovic Courtès) wrote:
> What about having GnuPG depend on pinentry-tty, and configuring it with:
>
> --with-pinentry-pgm=/path/to/pinentry-tty
>
> ? That would at least provide a reasonable default. The closure size
> of GnuPG would increase from 220 to 243 MiB (+10%).
>
> Most of the time, people will want to use pinentry-gtk though.
>
> Another option would be to change ‘gnupg_module_name’, in homedir.c, from:
>
> case GNUPG_MODULE_NAME_PINENTRY:
> #ifdef GNUPG_DEFAULT_PINENTRY
> return GNUPG_DEFAULT_PINENTRY;
> #else
> X(bindir, "pinentry");
> #endif
>
>
> to something like:
>
> case GNUPG_MODULE_NAME_PINENTRY:
> X(homedir, ".guix-profile/bin/pinentry");
>
> … in which case GnuPG would default to the user-installed pinentry, if
> available. Not perfect either, but closer to what other distros do.
I (finally!) implemented this second option in commit
c7af9d0b5ebaa1fdb08ff5d8a56004998bcd8103.
I confirmed that it has the intended effect like this:
--8<---------------cut here---------------start------------->8---
ludo@ribbon ~/src/guix$ ./pre-inst-env guix environment --ad-hoc gnupg strace coreutils sed grep -C
ludo@ribbon ~/src/guix [env]$ strace -f -o ,,s -s 500 gpg --generate-key
gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gpg: directory '/home/ludo/.gnupg' created
gpg: keybox '/home/ludo/.gnupg/pubring.kbx' created
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name: Foo Bar
Email address: address@hidden
You selected this USER-ID:
"Foo Bar <address@hidden>"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: agent_genkey failed: No pinentry
Key generation failed: No pinentry
--8<---------------cut here---------------end--------------->8---
where the strace log shows:
10 execve("/home/ludo/.gnupg/.guix-profile/bin/pinentry", ["pinentry"], 0x7f7aa80035e0 /* 14 vars */) = -1 ENOENT (No such file or directory)
So now one just needs to install one of the pinentry packages.
Thanks,
Ludo’.
--- End Message ---
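
The strace check used in the last message can be scripted. This is an added example, not code from the thread or from Guix or GnuPG. It reads a log written by `strace -f -o FILE` and reports which pinentry path the agent tried to execute and failed to find. The function names and the sample log (modelled on the line quoted above) are constructed for illustration.

```shell
#!/bin/sh
# Added example: find failed execve() calls in an `strace -f -o FILE` log.

# Constructed sample log; paths and addresses are made up.
sample_log() {
cat <<'EOF'
9 execve("/bin/sh", ["sh", "-c", "true"], 0x7ffc00000000 /* 14 vars */) = 0
10 execve("/home/alice/.gnupg/.guix-profile/bin/pinentry", ["pinentry"], 0x7f0000000000 /* 14 vars */) = -1 ENOENT (No such file or directory)
11 execve("/opt/tool/bin/helper", ["helper"], 0x7ffc00000000 /* 14 vars */) = -1 EACCES (Permission denied)
EOF
}

# Print "PID<TAB>PATH<TAB>ERRNO" for every execve that returned -1.
# Assumes one syscall per line and no escaped quotes inside the path.
failed_execs() {
    awk '
        /execve\("/ && / = -1 E[A-Z]+ / {
            pid = $1
            # The path is the first quoted string after "execve(".
            s = substr($0, index($0, "execve(\"") + 8)
            path = substr(s, 1, index(s, "\"") - 1)
            # The errno name follows " = -1 ".
            e = substr($0, index($0, " = -1 ") + 6)
            sub(/ .*/, "", e)
            printf "%s\t%s\t%s\n", pid, path, e
        }
    ' "$1"
}

# Print the path of each pinentry* program that was not found (ENOENT).
missing_pinentry() {
    failed_execs "$1" | awk -F'\t' '
        {
            n = split($2, parts, "/")
            if ($3 == "ENOENT" && parts[n] ~ /^pinentry/) print $2
        }
    '
}

# Demo on the constructed log.
log=$(mktemp)
sample_log > "$log"
missing_pinentry "$log"
rm -f "$log"
```

An empty result after installing a pinentry package means the agent found the program at the path it tried.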