[Enigmail] OpenPGP Card: fundamental problems

Patrick Brunschwig patrick at mozilla-enigmail.org
Tue Mar 10 01:59:47 PDT 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Stefan X wrote:
>>>>> 2009-03-08 15:38:18.802 enigmail.js: detectGpgAgent:
>>>>> GPG_AGENT_INFO='/tmp/seahorse-axoWSa/S.gpg-agent:5551:1'
>>>> Could you please disable "use GPG agent" in OpenPGP advanced settings and
>>>> try again? I suspect it's a problem between GnuPG 1.4.9 and seahorse. You
>>>> might also try using GnuPG 2.x and reenable "use GPG agent".
>>>>
>>>> Olav
>>> Hi Olav,
>>> the funny thing is, "use GPG agent" is already DISABLED! What to do?
>>
>>
>> Please don't top-post. To disable the use of gpg-agent, unset the
>> environment variavle GPG_AGENT_INFO.
>
> Hi Patrick!
> Thanks a lot for your tip.
>
> I open a shell, "unset GPG_AGENT_INFO" and execute Thunderbird
> afterwards in the same shell. This solves the problem for me. I can use
> the OpenPGP card without a problem. :-)
>
> For my understanding the problem is that Seahorse does not support
> smartcards but is used in Ubuntu as the default way for PIN handling.
> Also disabling the option to use GPG Agent in Enigmail does not work for
> any reason. If using smart cards, Seahorse does not work but GnuPG
> itself would do a better job. So two questions are remaining:
>
> 1. I wouldn't like each time to start a shell, unset GPG_AGENT_INFO and
> execute Thunderbird afterwards. There should be a more elegant
> workaround. For my understanding unsetting GPG_AGENT_INFO in ~/.profile
>  would not be a good solution because Seahorse may be appropriate in
> other cases. So I would like to unset GPG_AGENT_INFO for Thunderbird
> only. Maybe it is possible to define a alias "thunderbird" which unsets
> the variable before executing the application? Or any other elegant
> solution?

I'd create a shell script that unsets GPG_AGENT_INFO, or (actually
better): use gpg-agent instead of Seahorse-agent.

> 2. Should/Could this problem be fixed in Enigmail?

No, have defined that if GPG_AGENT_INFO is available, then gpg-agent
must be used. For GnuPG v2.x you cannot live without any gpg-agent anyway.

- -Patrick

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSbYsAncOpHodsOiwAQhv1Qf9FV2ofxZqlFARxruuI+thxUeq6Ej3w8UI
4PtLo6MhVkOjqcUTPduU7GDlVPR88OochUU9JZ9NFHUkhFhQeFP5iiybmBU+3CLs
AiCGexv94895J6k60gGzs/H49gJ/J80GRVTMoBYZB+iAA1PydmJfinkypqUgYr/m
GaVaxFc9Ezze1iTTXbsTOK/gPPvaf96mnKDrwhFDNcrOqhRaaIapyw/IMiuFzbHn
X/HsCVZDL0WqW56YF3X5fXDqEO0qm3MCGqqTM3qd6ptOdmSohVWNuHU/Fl0wg8gH
6gIqIJuPqJVWT9q34jmeOImajuRm1StboYj3lk6v/ckkyWyeDtVjbg==
=Xr8k
-----END PGP SIGNATURE-----

More information about the Enigmail mailing list