emacs-erc
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 29.1; ERC 5.5.0.29.1: Unnecessary .authinfo.gpg decryption causes co

From: Jake
Subject: Re: 29.1; ERC 5.5.0.29.1: Unnecessary .authinfo.gpg decryption causes connection failure to irc.libera.chat
Date: Sat, 23 Dec 2023 08:00:39 +0000
Hi J.P.

Thanks for taking the time.

> It just decrypts the file straight
> away if it has access to the key it was encrypted with and fails
> otherwise.
It sounds like you've successfully reproduced it, because it's attempted to decrypt the auth-source file.

Now I feel like I'm definitely missing something. Why does it do this? I assume nothing in this file is required to connect to irc.libera.chat, since the connection succeeds if the file is not present.

> So, I was wondering if this prompt is coming from somewhere
> external, such as a secrets manager or a TTY pinentry program
I've had the prompt from gnome keyring on Ubuntu (I assume that's what it is) and gtk-pinentry on another machine. But my issue is that the prompt occurs at all.

> Also, is the "irc.libera.chat:6697" buffer completely blank
> after the failure?
yes it is blank.

> And is there anything relevant recorded in the
> "*Messages*" buffer?
Decrypting /home/jake/.authinfo.gpg...done
epa-file-insert-file-contents: Opening input file: Decryption failed, , No secret key

Thanks
Jake

On Sat, Dec 23, 2023 at 4:41 AM J.P. <jp@neverwas.me> wrote:
Hi Jake,

Jake <jforst.mailman@gmail.com> writes:

> Hello
>
> I encountered an issue with authinfo interfering with ERC:
> When I attempt to connect to the irc.libera.chat server with a random
> nickname and no password, if a ~/.authinfo.gpg file is present on my
> system (or any .gpg file in the auth-sources variable), ERC attempts to
> decrypt this file when connecting. When I don't decrypt it, the
> connection fails.
>
> This occurs with emacs -Q.
>
> If I set auth-sources to nil, or change the name of the .gpg file to
> something else not in auth-sources, I get the expected behavior; i.e., it connects to the server.
>
> Steps to reproduce:
> 1. have an encrypted ~/.authinfo.gpg file (this will also be an element of
> the variable auth-sources, which is the default)
> 2. emacs -Q
> 3. M-x erc-tls
> interactively: RET on default values irc.libera.chat and 6697, then enter a unique nickname and do not
> enter a password
> 4. be prompted to decrypt ~/.authinfo.gpg

I haven't tried very hard to reproduce this yet, but I can't seem to get
Emacs to prompt me from emacs -Q. It just decrypts the file straight
away if it has access to the key it was encrypted with and fails
otherwise. So, I was wondering if this prompt is coming from somewhere
external, such as a secrets manager or a TTY pinentry program, for
example,

  Please enter the passphrase to unlock the OpenPGP secret key:
  "Your Name <you@example.com>"
  3071 RSA key, ID DEAD..BEEF
  created 2023-12-22 17:30 (main key ID ...).

  Passprhase: ____________________________

  <OK> <Cancel>

(although, from your description, it seems like you're using graphical
Emacs). Also, is the "irc.libera.chat:6697" buffer completely blank
after the failure? And is there anything relevant recorded in the
"*Messages*" buffer? Perhaps something like:

  For information about GNU Emacs and the GNU system, type C-h C-a.
  Decrypting /root/.authinfo.gpg...done
  epa-file-insert-file-contents:
  Opening input file: Decryption failed, , No secret key

I'm mainly trying to avoid having to replicate your setup in a VM.

TIA,
J.P.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]