Comments (18)
dominikschulz
commented on July 26, 2024
1
We're collecting the first batch of feedback in develop and will soon do a point release. If you're using go get you can check out master and build that anytime.
from gopass.
kyleboon
commented on July 26, 2024
1
For some reason I had gpg1 installed also, I don't need that so I uninstalled and it works for me. Might be worth just adding an override via an env variable in case this comes up for someone who doesn't have a good workaround?
from gopass.
dragon788
commented on July 26, 2024
1
Might not hurt to capture the version of gpg with gpg --version and do slightly different handling or offer a warning if two versions are detected. Could also do a "smart" detection where if the .gnupg/secring.db exists that means gpg has been initialized, otherwise if the .gnupg/pubring.kbx exists they are using gpg2. I also noticed if you ran gpg2 after gpg1 there is a .gnupg/.gpg-v21-migrated file which reading their release notes strongly suggestions you stop using gpg if possible because gpg2 operations won't update the gpg1 pub/priv keys for trust anymore.
from gopass.
dominikschulz
commented on July 26, 2024
Try export GOPASS_DEBUG=true to get some more debug output.
from gopass.
metalmatze
commented on July 26, 2024
You can use: gpg --list-keys to check if a key with the fingerprint exists. We do not much more under the hood.
from gopass.
ndarilek
commented on July 26, 2024
Ah, so when I run the command displayed in the debug output, I see:
```
gpg: Note: '--with-colons' is not considered an option
gpg: Note: '--with-fingerprint' is not considered an option
gpg: Note: '--fixed-list-mode' is not considered an option
gpg: Note: '--list-public-keys' is not considered an option
tru::1:1451480729:0:3:1:5
pub:-:4096:1:0205FA0EFEAD8457:1409057771:1566737771::-:::scaESCA:::::::
fpr:::::::::B01CECF21E703749B083E1780205FA0EFEAD8457:
uid:-::::1409057771::50DF8E6034F328B63C1B03A18D0955E79A3DF349::Nolan
Darilek <[email protected]>:::::::::
sub:-:4096:1:1FA166BC17ECABA2:1409057771:1566737771:::::e::::::
```
Wondering if the errors at the beginning of the output are causing this
to fail?
This is on Fedora 24 with the default gnupg packages installed.
Thanks.
from gopass.
ndarilek
commented on July 26, 2024
Wait, never mind. Previous was a cut-and-paste error on my part, but I
did find something else:
Fedora 24 has both /usr/bin/gpg and /usr/bin/gpg2. On both, `gpg
--version` reports 2.1.13. Yet, if I call /usr/bin/gpg as gopass does,
the key isn't found. It is found when I call the binary as /usr/bin/gpg2.
Maybe there is a GPG 1.x compatibility mode that can't read 2.x keys?
from gopass.
dominikschulz
commented on July 26, 2024
Oh, nice find.
This should be fixed by #9
from gopass.
ndarilek
commented on July 26, 2024
Cool. And that isn't yet merged into master I assume? I'm using go get.
Thanks, looking forward to using this.
from gopass.
ndarilek
commented on July 26, 2024
Got it. So I've been fumbling around on Google for a while and can't
find this. How do I go get from develop? All I find is that `go get`
retrieves from the head of the default branch. Is develop the default?
from gopass.
metalmatze
commented on July 26, 2024
Simply use go get to fetch the repository to your machine. Once done go to $GOPATH/src/github.com/justwachcom/gopass. If you are in that directory you can see that it is a normal git repository. Run git checkout develop. Now you can build a new binary by running make build.
Hope that helps. Didn't test it, because I'm on mobile right now.
from gopass.
ndarilek
commented on July 26, 2024
Got it, now I have a develop binary, but now it tells me no private keys
were found.
Error: No useable private keys found
There is definitely output for the command. Is it safe to paste said
output into this issue?
from gopass.
ndarilek
commented on July 26, 2024
FWIW, I've created a repo with pass, then used gopass to pull entries
from it. So there doesn't appear to be anything wrong with my GPG setup,
just Gopass' ability to parse the keys in the init command.
from gopass.
dominikschulz
commented on July 26, 2024
I've tracked down the root cause: Depending on your GPG version and config GPG may mark trused but not signed keys as unknown. Thus gopass would ignore this key for encryption.
To work around this limitation we currently disabled recipient checking and default to alwaystrust.
from gopass.
kyleboon
commented on July 26, 2024
@dominikschulz I'm running into this problem with the latest version of gopass.
gopass 1.4.1 (634dd033d9ddc5777e0ff5d8ab221b96e6265113 2017-10-06 03:03:40) go1.9.1 darwin amd64
gpg1 --version
gpg (GnuPG) 1.4.22
gpg --version
gpg (GnuPG) 2.2.1
libgcrypt 1.8.1
▶ gopass init D507934588256274
[DEBUG] Loaded config: &{Root:0xc42000f440 Mounts:map[wms:0xc42000f620] Version:1.4.1 XXX:map[]}
[DEBUG] Loaded config from /Users/z002nd2/.config/gopass/config.yml: &{Root:0xc42000f440 Mounts:map[wms:0xc42000f620] Version:1.4.1 XXX:map[]}
Failed to initialized mount wms (/Users/z002nd2/.password-store-wms): password store wms is not initialized. Try gopass init --store wms --path /Users/z002nd2/.password-store-wms. Ignoring
Initializing a new password store ...
[DEBUG] gpg.listKeys: /usr/local/bin/gpg1 [/usr/local/bin/gpg1 --with-colons --with-fingerprint --fixed-list-mode --list-public-keys D507934588256274]
[DEBUG] gpg.listKeys: /usr/local/bin/gpg1 [/usr/local/bin/gpg1 --with-colons --with-fingerprint --fixed-list-mode --list-secret-keys 21169A2321248830D72E81C8D507934588256274]
gpg: error reading key: secret key not available
▶ /usr/local/bin/gpg1 --with-colons --with-fingerprint --fixed-list-mode --list-secret-keys 21169A2321248830D72E81C8D507934588256274
gpg: error reading key: secret key not available
the same command with gpg2 works fine though.
▶ /usr/local/bin/gpg --with-colons --with-fingerprint --fixed-list-mode --list-secret-keys 21169A2321248830D72E81C8D507934588256274
sec:u:4096:1:D507934588256274:1495601237:::u:::scESC::::::23::0:
fpr:::::::::21169A2321248830D72E81C8D507934588256274:
grp:::::::::246896E55F78A2E8DFB17D05923930E3C1753241:
uid:u::::1495601237::68C277AEC585FED73C672133CBAFBFED8730E01F::WMS Secrets <[email protected]>::::::::::0:
ssb:u:4096:1:C35D3935D344E22F:1495601237::::::e::::::23:
fpr:::::::::F0B179BFDA03F1CBFDC77664C35D3935D344E22F:
grp:::::::::7E2938F202C4B9F831A4D1E2C2F1A9FDD3A05CA4:
from gopass.
dominikschulz
commented on July 26, 2024
gopass should use gpg2 if that's available.
I think this line https://github.com/justwatchcom/gopass/blob/master/backend/gpg/cli/gpg.go#L62 might be wrong.
from gopass.
kyleboon
commented on July 26, 2024
Probably. There's no gpg2 binary on my system. Aliasing gpg2 to gpg didn't
seem to help.
…On Tue, Oct 17, 2017 at 10:42 AM, Dominik Schulz ***@***.***> wrote:
gopass should use gpg2 if that's available.
I think this line https://github.com/justwatchcom/gopass/blob/
master/backend/gpg/cli/gpg.go#L62 might be wrong.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#5 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABTjZ4MLTvKRwjCRDqdpi90bqAWMGDBlks5stMrWgaJpZM4L1dGZ>
.
from gopass.
kyleboon
commented on July 26, 2024
It looks like this was a change in the homebrew recipe when the version went from 2.1.21 to 2.2.1
from gopass.
Related Issues (20)
- Feature request: configuration option to disable logo in notification HOT 4
- setup creates new branch in existing store
- audit /audit summary is broken/regressed HOT 4
- [FR] In a `gopass create` template, how do I specify that password should not be generated?
- Public keys are not exported into mounted stores HOT 5
- The same recipient can be added several times HOT 1
- gopass audit: checks still report as failure
- Gopass does not consistently respect upper and lowercase in secret names / Git commit fails if secret exists in different case HOT 3
- Windows Defender detects 1.15.12 as malware HOT 4
- [FR] Provide a log option to create sanitized logs suitable for sharing
- gopass not picking tmp dir location from ENV variable. Can't see a config option neither. HOT 3
- Confusing "need to unlock" message during setup
- deb package doesn't come with completions or a man page HOT 1
- gopass unable to find PGP keys when running in Github Actions
- Trailing whitespace removed when copying password to clipboard HOT 1
- some checks fail on void linux HOT 1
- [FR] Allow selecting the line to copy HOT 3
- Expired GPG Keys should not be ignored silently + there seems to be no gopass command to refresh life-extended keys
- [Question] Is there anyway to add a pin before showing the password HOT 1
- Hooks not firing HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gopass.