Message: previous - next
Month: July 2016

Re: [trinity-users] Re: Re: Re: kmail & gpg

From: "Dr. Nikolaus Klepp" <office@...>
Date: Sun, 3 Jul 2016 21:43:35 +0200

Am Dienstag, 28. Juni 2016 schrieb deloptes:
> Dr. Nikolaus Klepp wrote:
> > Hi!
> > 
> >> > The "GnuPG agent" checkmark was set, so unset it, reboot, set
> >> > checkmark, reboot, kmail worls as expected :-)
> >> > 
> >> Glad to hear, however ... if it was checked and the agent was not
> >> available, it needs further investigation - possible bug?
> > I'll post the diffs from the backups before/after operation tomorrow - as
> > soon as I get the archives.
> > 
> >> > Just for the files: I used "reboot" because it's easier to get it right
> >> > on the phone this way ...
> >> 
> >> Just for the files: I did not get this part with "the phone"
> > I had to guide my minon in command by phone and it turned out it's easier
> > to order a reboot than an ordered restart of TDE :-)
> > 
> > Nik
> > 
> > 
> I just found out that I have a configuration file
> cd $HOME
> cat .gnupg/gpg.conf
> use-agent
> no-greeting
> ...
> ...
> This is again visible in the gui. Perhaps you could try test this with a
> fresh account.

After playing with the before/after-backups the problem breaks down to this (but I am not 100% sure if this is the whole story):

The workflow for setting up email accounts is this:
get an create an account for the user from the admin, create a gpg-keypair with kgpg, set up kmail and verify it works unencrypted, and at last add gpg support.

So in kmail open settings-dialog, then "Identities", select an identity, "Change", open the "Crypto"-tab, "OpenPGP Key" -> Change, a dialog apears where the "search"-field is filled with the identities email-address. (this field is empty, when you already have a gpg key assoziated with this identity).  Now that prefilled emailaddress does never match any emailaddress in the gnupg keyring, so the list under the search filed is empty and the user has nothing to select from. An unsuspecting user will try to use all buttons on this dialog, but it will lead to nothing. (The only way to associate a gpg key is to clear the search field)

In this state it does not matter if the "use agent"-checkmark in kgpg is set or not, it will ask for the passphrase every time. As soon as the identidy has a correct gpg key assigned to it the "use agent" settings in kgpg work. 


Please do not email me anything that you are not comfortable also sharing with the NSA.