On Tue, Feb 21, 2012 at 19:56, Martin Drasar <drasar@...> wrote:
> I have a question for anyone experienced with using gpg with gpg agent.
> My situation is as follows:
> - I have configured the RT and GPG according to this manual:
> http://wiki.rediris.es/rtirwg/Public_GPGConfig > - The RT is able to verify signatures on incoming mail and is able to
> sign mails
> - It is however not able to decrypt incoming mails, which is strange
> considering the signing and the decryption are practically identical
> I have this in the log:
>> [Tue Feb 21 15:34:09 2012] [debug]: Found encrypted inline part (/home/RT/RT-4.0.5/sbin/../lib/RT/Crypt/GnuPG.pm:906)
>> [Tue Feb 21 15:34:09 2012] [debug]: [GNUPG:] ENC_TO 26B34A0AE44C6E92 1 0
>> [GNUPG:] USERID_HINT 26B34A0AE44C6E92 CSIRT-MU DEVEL <rt@...>
>> [GNUPG:] NEED_PASSPHRASE 26B34A0AE44C6E92 023D741AB8EF2A3A 1 0
>> [GNUPG:] MISSING_PASSPHRASE
>> [GNUPG:] BAD_PASSPHRASE 26B34A0AE44C6E92
>> [GNUPG:] ENC_TO 110B534B28C8D875 1 0
>> [GNUPG:] NO_SECKEY 110B534B28C8D875
>> [GNUPG:] BEGIN_DECRYPTION
>> [GNUPG:] DECRYPTION_FAILED
>> [GNUPG:] END_DECRYPTION (/home/RT/RT-4.0.5/sbin/../lib/RT/Crypt/GnuPG.pm:1417)
>> [Tue Feb 21 15:34:09 2012] [error]: gpg: cancelled by user
>> gpg: encrypted with 2048-bit RSA key, ID 28C8D875, created 2010-12-30
>> "Martin Drasar <drasar@...>"
>> gpg: encrypted with 2048-bit RSA key, ID E44C6E92, created 2012-02-21
>> "CSIRT-MU DEVEL <rt@...>"
>> gpg: public key decryption failed: bad passphrase
>> gpg: decryption failed: secret key not available (/home/RT/RT-4.0.5/sbin/../lib/RT/Crypt/GnuPG.pm:1419)
>> [Tue Feb 21 15:34:09 2012] [debug]: Found GnuPG protected parts (/home/RT/RT-4.0.5/sbin/../lib/RT/Interface/Email/Auth/GnuPG.pm:240)
>> [Tue Feb 21 15:34:09 2012] [debug]: Error during verify/decrypt operation (/home/RT/RT-4.0.5/sbin/../lib/RT/Interface/Email/Auth/GnuPG.pm:244)
>> [Tue Feb 21 15:34:09 2012] [error]: Had a problem during decrypting and verifying (/home/RT/RT-4.0.5/sbin/../lib/RT/Interface/Email/Auth/GnuPG.pm:102)
> This is happening with RT-4.0.5 as well as 3.8.7.
> Any thoughts?
Have you read the log? It's pretty clear. Message is encrypted for two
recipients. You have required key in the keyring, but you didn't
provide passphrase. You either use passphraseless keys, use gpg-agent
or set passphrase in RT config.