Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

gpg: decryption failed: No secret key #179

Closed
altrugon opened this issue May 19, 2016 · 10 comments
Closed

gpg: decryption failed: No secret key #179

altrugon opened this issue May 19, 2016 · 10 comments

Comments

@altrugon
Copy link

@altrugon altrugon commented May 19, 2016

Here are the details about my environment:

  • OS X 10.11.4
  • passwordstore 1.6.5 (homebrew installation)
  • QtPass 1.1.1 (dmg installation)
  • QtPass > Config > Programs: "Use pass" || /usr/local/bin/pass

I have noticed that when I open QtPass and I try to get a password I received the following error:

gpg: decryption failed: No secret key

However, if I go to the console and copy a password and properly insert my master password, then I can re-open QtPass and all my password are accessible, not only that but it doesn't ask me for a master password anymore.

Can somebody help me to solve this? It would be nice if I just insert my master password on QtPass when I open the program or when I try to access to a password, and not have to go to the console for this.

Thank you.

@annejan
Copy link
Member

@annejan annejan commented May 19, 2016

What version of gpg are you using?

On OSX currently we can only support the GPG-tools version unfortunately. Since the other versions don't support graphical passphrase or pinentry on OSX.
Wrapping the passphrase or pinentry of the non-graphical "pinentry" part of GPG is considered a security problem.

@annejan
Copy link
Member

@annejan annejan commented May 19, 2016

The not asking password later on is caused by the gpg-agent keeping the session open.
This is usually for a set time only.

@altrugon
Copy link
Author

@altrugon altrugon commented May 19, 2016

I installed my gpg agent by running brew install homebrew/versions/gnupg21, here are some output form my terminal

~$ ls -l /usr/local/bin/gpg
lrwxr-xr-x  1 altrugon  admin  30 18 May 14:50 /usr/local/bin/gpg -> ../Cellar/gnupg/1.4.20/bin/gpg
~$ ls -l /usr/local/bin/gpg2
lrwxr-xr-x  1 altrugon  admin  33 18 May 15:07 /usr/local/bin/gpg2 -> ../Cellar/gnupg21/2.1.11/bin/gpg2

And also unde QtPass > Config > Progrmas, the unselected "Native git/gpg" option is pointing to /usr/local/bin/gpg2

@annejan
Copy link
Member

@annejan annejan commented May 19, 2016

Unfortunately the homebrew version doesn't have a graphical passphrase or pinentry option as far as I know.
Will try if there is a way to get that in, since I would love to not being dependent on use of the GPGtools.org version.

@altrugon
Copy link
Author

@altrugon altrugon commented May 19, 2016

Ok, thank you for your reply.

Would you mind to give me some details instructions of how to re-installed it then. I'm just starting to use password storage and QtPass, so I don't mind to throw to the garbage all that I have so far.

Thanks.

@annejan
Copy link
Member

@annejan annejan commented May 19, 2016

The only tested GPG version is https://gpgtools.org/
Installing the DMG from there should work, it should automatically be able to import your existing private key etc.

It should just cooperate with the homebrew one as-well . . but it has a graphical pinentry set-up.

Please let me know if that works . .

@altrugon
Copy link
Author

@altrugon altrugon commented May 19, 2016

No luck. Right after installed it I changed the Config/Program/gpg /Applications/GPG Keychain.app and tried to open one of the already created entries and got:

Import Failed!

It seems you are trying to import an encrypted or signed message. To decrypt or verify such messages please use GPGServices.

I assumed that it was because it was created with gpg2 so I deleted everything and tried to create a new one. The process went ok, and after I hit "generate" for the password and save it, GPG Keychain automatically opened and there is nothing obvious to do over there, the only thing I see is 2 listed keys (mine and gpgtools team).

I still confused how passwordstorage and qtpass are going to work together if qtpass use gpg and passwordstorage is using gpg2.

@annejan
Copy link
Member

@annejan annejan commented May 19, 2016

GPG is just an algorithm.
You can import keys across implementations, even across devices.

Passwordstore and QtPass both use gpg2.

Opening the entries with the Keychain app is not going to work.
The keychain app is just for managing your secret key(s) and other peoples public keys.

GPG is a miraculous ecosystem and unfortunately not very easy to get into.

@altrugon
Copy link
Author

@altrugon altrugon commented May 19, 2016

Hehe... my fault then. I did set /usr/local/bin/gpg2 back and now I got the prompt for the master key.

Thank you so much for your support Annejan.

@altrugon altrugon closed this May 19, 2016
@annejan
Copy link
Member

@annejan annejan commented May 19, 2016

Awesome, feel free to participate in any of the other issues or open another one if you have any issues.
This helps me to think more about documentation :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
You can’t perform that action at this time.