1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1108495: pinentry problem with Debian 12.11

    From Andreas Metzler@21:1/5 to [email protected] on Mon Jul 7 16:30:02 2025
    On 2025-06-30 Jeffrey Rhodes <[email protected]> wrote:
    The pinentry bug is coincident with updating to or after a new install
    to 12.11. Prior to that a python3 script running in a Terminal could
    call os.system(‘gpg —decrypt file’) and a PIN pop-up window would request a Passphrase. Also, no decryption errors are reported, not
    even when the key needed for decryption is locally missing.


    Works for me with both pinentry-gtk2 and pinentry-tty.

    ametzler@argenau:~$ rm -rf /tmp/gpghome ; install -d -m0700 /tmp/gpghome ; gpg --homedir /tmp/gpghome --batch --pinentry-mode loopback --passphrase 1234 --quick-generate-key [email protected]
    gpg: keybox '/tmp/gpghome/pubring.kbx' created
    gpg: /tmp/gpghome/trustdb.gpg: trustdb created
    gpg: directory '/tmp/gpghome/openpgp-revocs.d' created
    gpg: revocation certificate stored as '/tmp/gpghome/openpgp-revocs.d/9C7D203179D87C924581E1968507ED6E2CB369C7.rev'
    ametzler@argenau:~$ echo content > /tmp/input
    ametzler@argenau:~$ gpg --homedir /tmp/gpghome --encrypt --recipient [email protected] /tmp/input
    gpg: checking the trustdb
    gpg: marginals needed: 3 completes needed: 1 trust model: pgp
    gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
    gpg: next trustdb check due at 2028-07-06
    ametzler@argenau:~$ /tmp/run-py.py
    gpg: encrypted with cv25519 key, ID 02D8ABA3508D585F, created 2025-07-07
    "[email protected]"
    Please enter the passphrase to unlock the OpenPGP secret key: "[email protected]"
    255-bit ECDH key, ID 02D8ABA3508D585F,
    created 2025-07-07 (main key ID 8507ED6E2CB369C7).

    Passphrase:
    content
    ametzler@argenau:~$ cat /tmp/run-py.py
    #!/usr/bin/python3

    import os

    # ametzler@argenau:~$ rm -rf /tmp/gpghome ; install -d -m0700 /tmp/gpghome ; gpg --homedir /tmp/gpghome --batch --pinentry-mode loopback --passphrase 1234 --quick-generate-key [email protected]
    # echo content > /tmp/input
    # gpg --homedir /tmp/gpghome --encrypt --recipient [email protected] /tmp/input

    os.system("gpg --homedir /tmp/gpghome --decrypt /tmp/input.gpg")

    cu Andreas
    --
    `What a good friend you are to him, Dr. Maturin. His other friends are
    so grateful to you.'
    `I sew his ears on from time to time, sure'

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)