[rt-users] gpg: bad passphrase in apache error logs

Charlie Reddington charlie.reddington at gmail.com
Mon Aug 25 17:01:25 EDT 2008


I'm thinking that my gpg errors are all stemming from the fact that RT  
is may be reading my configs wrong. I'm not 100% yet but that's what  
my first thought is after staring at this for 2 days now.

I'm getting this in my apache error logs....

[Mon Aug 25 20:50:28 2008] [info]:  
<rt-3.8.0-19558-1219697428-138.46-3-0@<removed>> #46/454 - Scrip 3 On  
Create Autoreply To Requestors (/usr/local/rt-3.8.0/bin/../lib/RT/ 
Action/SendEmail.pm:302)
[Mon Aug 25 20:50:29 2008] [warning]: gpg: WARNING: unsafe ownership  
on homedir "/usr/local/rt-3.8.0/var/data/gpg" (/usr/local/rt-3.8.0/ 
bin/../lib/RT/Crypt/GnuPG.pm:546)

[Mon Aug 25 20:50:29 2008] [error]: gpg: no default secret key: bad  
passphrase
gpg: [stdin]: sign+encrypt failed: bad passphrase (/usr/local/rt-3.8.0/ 
bin/../lib/RT/Crypt/GnuPG.pm:547)
[Mon Aug 25 20:50:29 2008] [error]: BAD PASSPHRASE: Bad passphrase for  
helpdesk2@<removed>.com (/usr/local/rt-3.8.0/bin/../lib/RT/Interface/ 
Email.pm:697)

[Mon Aug 25 20:50:29 2008] [info]:  
<rt-3.8.0-19558-1219697428-827.46-4-0@<removed>> #46/454 - Scrip 4 On  
Create Notify AdminCcs (/usr/local/rt-3.8.0/bin/../lib/RT/Action/ 
SendEmail.pm:302)
[Mon Aug 25 20:50:29 2008] [info]:  
<rt-3.8.0-19558-1219697428-827.46-4-0@<removed>> No recipients found.  
Not sending. (/usr/local/rt-3.8.0/bin/../lib/RT/Interface/Email.pm:337)
[Mon Aug 25 20:50:29 2008] [info]: Ticket 46 created in queue  
'General' by charlier@<removed>.com (/usr/local/rt-3.8.0/bin/../lib/RT/ 
Ticket_Overlay.pm:659)
<removed>

I have set the homedir to var/data/gpg and I have given that directory  
775 permissions. It seems like it is creating the temp file that it  
uses to store the key as I get errors if I put my permissions to  
restrictive but when I set it to this it seems okay.

Here's my latest RT_SiteConfig.PM

Set(%GnuPG, Enable=>1, OutgoingMessagesFormat=>RFC,  
EncryptDataInDb=>0,);
Set(%GnuPGOptions, '--homedir'=>'var/data/gpg', '-- 
passphrase'=>'password',);

The only other thing I can think of is that I'm creating the gpg key  
wrong. What I'm doing is this.

As root, I run gpg --gen-key

For Name I put in 'helpdesk2'
For email I put in 'helpdesk2@(removed).com'
For comment I leave it blank.

Next I put in the passphrase, which at this point is overly simple to  
make sure I'm not spelling things funky.

I add my users public key to the public key ring for that user and  
then I grab the contents of the .gnupg directory and copy them over to  
var/data/gpg

Hoping someone can throw me a bone here, I'm officially stuck.

Charlie





More information about the rt-users mailing list