[Enigmail] Enigmail asks 2 times for passphrase
Patrick Brunschwig
patrick at mozilla-enigmail.org
Wed Jan 7 23:59:09 PST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ludwig Zins wrote:
> Ludwig Zins schrieb:
>> Hi Charly,
>>
>> thanks for your quick answer.
>> I will try today evenning at home when I'm on my ubuntu machine.
>>
>> I will check my gpg path, but I think it will be correct, because if I
>> use PGP-Inline there's no problem.
>>
>> In the german ubuntuforums there is one user with the same problem.
>> But I got no response if he solved the problem.
>>
>> I forgot to mention that I use ubuntu 8.04 LTS Hardy.
>> Maybe the problem ist solved with an dist-upgrade to 8.10 or even the
>> upgrade of gpg is enough, i will see.
>>
>>
>> Ludwig
>>
>>
>>
>> Charly Avital schrieb:
>>> Ludwig Zins wrote the following on 1/6/09 11:13 AM:
>>>> Hi all,
>>>>
>>>> I've got a problem on my System using Enigmail.
>>>> I use Tunderbird (2.x) on ubuntu Linux ans use PGP/MIME to sign my e-mails.
>>>> Enigmail asks me 2 times for the passphrase. If I use PGP-Inline,
>>>> everything works fine.
>>>> My e-mails are signed correctly, but only after 2 typing 2 times the
>>>> passphrase.
>>>>
>>>> Does anyone know this effect?
>>>> Is it a bug in enigmail or in ubuntu? I don't know if it works on other
>>>> ditris (Fedora, Suse.....).
>>>>
>>>> Regards
>>>> Ludwig
>>> Hi Ludwig,
>>>
>>> I run Linux Ubuntu 8.10_64bits on a Macintosh Intel laptop under virtual
>>> software VMware.
>>>
>>> I have just checked that system (where I use Thunderbird 2.0.0.19,
>>> Enigmail 0.95.7), sent myself a PGP/MIME signed message, and was
>>> reqested to enter my passphrase once.
>>>
>>> I follow the Ubuntu-users mailing list, and couldn't find any reference
>>> to a problem similar or identical to yours.
>>>
>>> I would recommend that you upgrade your GnuPG software to 1.4.9, that is
>>> the current stable release. According to the raw source of your message,
>>> you are running 'Version: GnuPG v1.4.6 (GNU/Linux)'.
>>>
>>> I don't pretend this will solve your problem, but it's worth trying, and
>>> anyway gpg 1.4.6 is now way back.
>>>
>>> A *very wild* guess is that you might have "two" gpgs installed and
>>> running simultaneously. I suggest that you explore your system (via
>>> Terminal) and find out where gpg is installed.
>>>
>>> The default path should be
>>> /usr/local/bin/gpg
>>>
>>> Please check in Thunderbird's OpenPGP/Preferences, what is the path
>>> selected in Preferences/Basic. It if something different that is not
>>> /usr/local/bin/gpg, you might have two gpgs running.
>>>
>>> As I said, a *very wild* guess.
>>>
Please don't top-post.
> Seems to be a bug!
I'd call it an undesired side-effect (see below)
> I found this:
>
> https://bugs.launchpad.net/ubuntu/+source/enigmail/+bug/246364
> http://www.mozilla-enigmail.org/forum/viewtopic.php?f=3&t=421
> http://bugzilla.gnome.org/show_bug.cgi?id=552086
>
> So I hope this will be solved in future!
>
> @Charly
> I have only installed one gpg (1.4.6), this is the correct version of
> ubuntu 8.04 Hardy.
The problem is that on Ubunutu the gpg-agent from Seahorse is enabled by
default. This means that all passphrase management is handled outside
Enigmail by a gpg-agent. The problem behind it is that Enigmail needs to
find out which hash algorithm to use when sending a PGP/MIME signed
message before the message is actually signed. This is done by creating
a small test message and asking GnuPG to sign it - which requires the
passphrase. I haven't found another easy way yet how to find out about
the used hash algorithm in advance.
If you don't want the passphrase to be cached, I would suggest you
define a small time window for the passphrase to be cached, e.g. 30
seconds. This way gpg-agent will remember the passphrase only very
shortly and should thus not ask twice.
If you want passphrase management enabled from within Enigmail, you'll
have to disable the seahorse gpg-agent (don't ask me how!), or at least
make sure that the environment variable GPG_AGENT_INFO is not set when
starting Thunderbird.
- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEVAwUBSWWyTHcOpHodsOiwAQKLFQf9HXmYZWx4Y0Iik3yLQ8tgxYzZ/gcR1E0S
ctAyB00DzYkjt8qMDkpzq4udnrouzhImjvnKHUP6RTFmlIr6gJj2EhWVl3OycO7v
pfCXzZ6LFABfnZf+Ex6Ws81QVCNesPskAQBNRuVDN4nfJkkffomnVepn3jF+UZAt
SB3zAObMRfO/JAsRwPMyz6fuFvaY6w/UpgCYfe3VC/yDbjaJADJclhsTHh2fX7vs
FysnqqgwnQmD/ndwkYLN9ajB4VcE5lZpOY1wVJUVJ3HvYEs4rEqOaBzRKtcHD7YO
lVlgxOIouKGLiQGD5heF/ifLaG3NkOGW/mAkwruTsIkYouTL211WLw==
=Xhzt
-----END PGP SIGNATURE-----
More information about the Enigmail
mailing list