← Back to team overview

touch-packages team mailing list archive

[Bug 1458967] Re: gpg not asking for passphrase to decrypt a file

 

I could have sworn I wrote a response to this weeks ago. Bummer.

If you use gpg --symmetric without using -r, you can create a file that
requires using the passphrase to decrypt it; I don't think any of the
various gpg agents will cache symmetric passphrases.

If you want to disable use of a gpg agent entirely, you add the no-use-
agent option to your ~/.gnupg/gpg.conf file.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnupg in Ubuntu.
https://bugs.launchpad.net/bugs/1458967

Title:
  gpg not asking for passphrase to decrypt a file

Status in gnupg package in Ubuntu:
  Invalid

Bug description:
  Ubuntu 12.04 LTS.

  Signed Ubuntu Code of Conduct without issuet,
  Decided to play with gpg to learn more about it, using the UCofC text for testing,
  Saved the UCofC into UCC2,txt.
  Encrypted the file into UCC2.gpg with command:  gpg -r $USER -o UCC2.gpg --yes --symmetric -e UCC2.txt
  This worked fine, asking me for the passphrase twice, as expected.
  I gave it the one that I used to sign the UCofC for Launchpad.
  Then, to test the decryption: gpg -d UCC2.gpg >UCC2_1.txt
  Got the following messages:

  'You need a passphrase to unlock the secret key for
  'user: "Phillip Norisez (This is my key for Launchpad) <norisezp@xxxxxxxxxxx>"
  '2560-bit ELG-E key, ID F91FDEB0, created 2015-04-27 (main key ID 05B43F32)
  '
  'gpg: encrypted with 1 passphrase
  'gpg: encrypted with 2560-bit ELG-E key, ID F91FDEB0, created 2015-04-27
   '     "Phillip Norisez (This is my key for Launchpad) <norisezp@xxxxxxxxxxx>"'

  All of which seems to indicate the decrypt did not work.
  HOWEVER, diff UCC2_1.txt UCC2.txt DID NOT ERROR OUT AS EXPECTED.
  It seems that the text actually was written out to the file, even though errors appeared.
  Now, this leads me to ask the following:

  Why did the decrypt seem to work OK in spite of the errors?

  Why didn't gpg ask me for the passphrase?  (I checked some old (ca
  2009) posts that came up in a search for "gpg not asking"  and found
  one that discussed checking the passphrase caching preferences for
  seahose, but I could not find them.   I attributed this to the age of
  the posts; the preferences may have been deleted or moved.

  So, how do I change the caching preferences?  Or can I not do that?

  Bottom line is that I expected gpg to ask me for the passphrase every
  time I try to decrypt the file.  Is this a valid expectation?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1458967/+subscriptions