[rt-users] GnuPG problems with message decryption

Martin Drašar drasar at ics.muni.cz
Thu Feb 23 02:22:51 EST 2012


Dne 22.2.2012 21:48, Ruslan Zakirov napsal(a):
>> I have this in the log:
>>> [Tue Feb 21 15:34:09 2012] [debug]: Found encrypted inline part (/home/RT/RT-4.0.5/sbin/../lib/RT/Crypt/GnuPG.pm:906)
>>> [Tue Feb 21 15:34:09 2012] [debug]: [GNUPG:] ENC_TO 26B34A0AE44C6E92 1 0
>>> [GNUPG:] USERID_HINT 26B34A0AE44C6E92 CSIRT-MU DEVEL<rt at rt-devel.ics.muni.cz>
>>> [GNUPG:] NEED_PASSPHRASE 26B34A0AE44C6E92 023D741AB8EF2A3A 1 0
>>> [GNUPG:] MISSING_PASSPHRASE
>>> [GNUPG:] BAD_PASSPHRASE 26B34A0AE44C6E92
>>> [GNUPG:] ENC_TO 110B534B28C8D875 1 0
>>> [GNUPG:] NO_SECKEY 110B534B28C8D875
>>> [GNUPG:] BEGIN_DECRYPTION
>>> [GNUPG:] DECRYPTION_FAILED
>>> [GNUPG:] END_DECRYPTION (/home/RT/RT-4.0.5/sbin/../lib/RT/Crypt/GnuPG.pm:1417)
>>> [Tue Feb 21 15:34:09 2012] [error]: gpg: cancelled by user
>>> gpg: encrypted with 2048-bit RSA key, ID 28C8D875, created 2010-12-30
>>>        "Martin Drasar<drasar at ics.muni.cz>"
>>> gpg: encrypted with 2048-bit RSA key, ID E44C6E92, created 2012-02-21
>>>        "CSIRT-MU DEVEL<rt at rt-devel.ics.muni.cz>"
>>> gpg: public key decryption failed: bad passphrase
>>> gpg: decryption failed: secret key not available (/home/RT/RT-4.0.5/sbin/../lib/RT/Crypt/GnuPG.pm:1419)
>>> [Tue Feb 21 15:34:09 2012] [debug]: Found GnuPG protected parts (/home/RT/RT-4.0.5/sbin/../lib/RT/Interface/Email/Auth/GnuPG.pm:240)
>>> [Tue Feb 21 15:34:09 2012] [debug]: Error during verify/decrypt operation (/home/RT/RT-4.0.5/sbin/../lib/RT/Interface/Email/Auth/GnuPG.pm:244)
>>> [Tue Feb 21 15:34:09 2012] [error]: Had a problem during decrypting and verifying (/home/RT/RT-4.0.5/sbin/../lib/RT/Interface/Email/Auth/GnuPG.pm:102)
>>
>> This is happening with RT-4.0.5 as well as 3.8.7.
>>
>> Any thoughts?
>
> Have you read the log? It's pretty clear. Message is encrypted for two
> recipients. You have required key in the keyring, but you didn't
> provide passphrase. You either use passphraseless keys, use gpg-agent
> or set passphrase in RT config.
>

Hi, Ruslan,

I have definitely read the log. Several times...
As I have said, I am using the gpg-agent and in my configuration the 
gpg-agent happily provides a password for RT when signing the message 
(the same operation as decrypting) but fails in this case, i.e. there is 
some problem when retrieving the passphrase for decrypting purposes 
using gpg-agent. It can either be a configuration error or a bug - I 
will probably hunt it down someday no matter what it is, but it would 
help me to hear whether there is someone who actually has it working in 
a setup like mine.

Martin



More information about the rt-users mailing list