Enigmail cannot communicate with gpg-agent

emailencryptionenigmailgnupgthunderbird

Update

As of Ubuntu 16.04, the plug-in works as expected and there's no need to downgrade as suggested in the accepted answer. The question was applicable to Ubuntu 15.04 and, maybe, 15.10.


Original Post

I've been using Thunderbird + Enigmail for years. I'm currently using Thunderbird 38.5.1, Enigmail version 1.9 (20160223-1641), and GPG 2.0.26 in my work PC (Ubuntu 15.04 64-bit, w/ Gnome Shell).

A few days ago, after 1yr+ of operation, Enigmail suddenly started complaining with the following error whenever I try to send a signed or encrypted email:

GnuPG reported an error in the communication with gpg-agent (a
component of GnuPG).

This is a system setup or configuration error that prevents Enigmail
from working properly and cannot be fixed automatically.

We strongly recommend that you consult our support web site at
https://enigmail.net/faq.

I've gone through the FAQ page and tried several things, but I've not yet been able to fix the problem.

The pinentry command works fine, and shows the pinentry-qt4 window (i.e. not text-based):

pinentry <<EOT
SETDESC Hello World
CONFIRM
EOT

However, the gpg-agent-connect command fails:

gpg-connect-agent <<EOT
heredoc> GETINFO version
heredoc> EOT
ERR 280 not implemented

I've tried disabling the gnome keyring as suggested, but it doesn't work either. (Yes, I did restart the system in-between, but I also want to keep the keyring enabled as usual.) I also tried exporting and re-importing my Enigmail settings (i.e. renaming $HOME/.gnupg/ to something else in the meantime), but that did not work either.

Oddly enough, when I start the gpg-agent manually from the shell, and then start Thunderbird, it seems to be communicating with the gpg-agent, as shown below:

gpg-agent --debug-level expert --use-standard-socket --daemon /bin/sh
gpg-agent[6469]: enabled debug flags: command cache assuan
gpg-agent[6469]: directory `/home/ray/.gnupg' created
gpg-agent[6469]: directory `/home/ray/.gnupg/private-keys-v1.d' created
gpg-agent[6469]: listening on socket `/home/ray/.gnupg/S.gpg-agent'
gpg-agent[6470]: gpg-agent (GnuPG) 2.0.26 started
#
# Thunderbird started at this point
#
$ gpg-agent[6470]: handler 0x558fd8c23cf0 for fd 7 started
gpg-agent[6470]: chan_7 -> OK Pleased to meet you, process 6470
gpg-agent[6470]: chan_6 <- OK Pleased to meet you, process 6470
gpg-agent[6470]: chan_6 -> GETINFO pid
gpg-agent[6470]: chan_7 <- GETINFO pid
gpg-agent[6470]: chan_7 -> D 6470
gpg-agent[6470]: chan_7 -> OK
gpg-agent[6470]: chan_6 <- D 6470
gpg-agent[6470]: chan_6 <- OK
gpg-agent[6470]: chan_6 -> BYE
gpg-agent[6470]: chan_7 <- BYE
gpg-agent[6470]: chan_7 -> OK closing connection
gpg-agent[6470]: handler 0x558fd8c23cf0 for fd 7 terminated

I don't see any output if I try to send a signed and/or encrypted email, though. This only shows up when Thunderbird is started.

In addition, I added the /usr/bin/gpg-agent --daemon command as a startup application in the Gnome Startup Applications panel, but it made no difference.

I think I applied a regular update around 2/23, but the issue did not become visible until the system was restarted on 2/24 this week. Unfortunately, I don't remember which packages got updated, but there weren't that many. (I normally keep the system updated.)

Please note that this had been working w/o issues for years or so, until about 2 days ago. (I've also been using this setup in my home desktop PC for 4yrs+ without issues, but my work PC is a laptop, and Ubuntu sometimes does not work as nicely there for unknown reasons…)

When I try to open encrypted emails I've received (or saved drafts, which are also encrypted), I get the same error message about the gpg-agent, but it does decrypt the email message after asking me for my private key pass phrase.

Q: How can I solve this communication error that prevents me from sending signed/encrypted emails?

To consider the problem fixed, the situation needs to go back to working normally without the error messages, etc.

Thanks in advance for any help that you can provide to help fix this problem.


While I was writing this post, I noticed the following message from the gpg-agent daemon in the terminal:

# ...from previous output above
gpg-agent[6470]: chan_7 -> OK closing connection
gpg-agent[6470]: handler 0x558fd8c23cf0 for fd 7 terminated
#
# new/unexpected error message from agent
#
gpg-agent[6470]: can't connect my own socket: IPC connect call failed
gpg-agent[6470]: this process is useless - shutting down
gpg-agent[6470]: gpg-agent (GnuPG) 2.0.26 stopped

This showed up unexpectedly, as I didn't ask Thunderbird to do anything in particular in the meantime.


I updated from 15.04 -> 15.10 -> 16.04 and can confirm that Thunderbird 38.6 + Enigmail 1.9.1 are working normally for me. The output of the commands is also what they should be:

➜  ~ pinentry <<EOT
heredoc> SETDESC Hello World
heredoc> CONFIRM
heredoc> EOT
OK Pleased to meet you
OK
OK
➜  ~ gpg-connect-agent <<EOT
heredoc> GETINFO version
heredoc> EOT
D 2.1.11
OK

Best Answer

While the answer of thisthatother only shows how to solve it on a Debian system, the approach is the same:

Downgrading.

Since Enigmail released version 1.9 on February the 23rd and the problems started from that day on, the only three solutions are:

  1. Wait for Enigmail to sort things out and install their update to the 1.9.x and stop using encryption until they provide the update
  2. Dig around and solve the problem yourself (which not everyone is capable of doing due to limited knowledge of the underlying software architecture)
  3. Downgrade to 1.8.2, then wait for Enigmail to sort things out and upgrade to a 1.9.x that solves the error that occured with 1.9.

I can't help with 1 or 2, but with number 3:

  • Download Enigmail 1.8.2, which is the latest pre-1.9 version that didn't introduce the error
  • Uninstall Enigmail 1.9 through the Thunderbird Add-ons menu
  • From within that same menu, manually install the downloaded 1.8.2 file by clicking on the Add-ons configuration button at the top of the Thunderbird Add-ons page, left from the search text entry field
  • Restart Thunderbird

It should now work as before the update to Enigmail 1.9.

I would suggest to disable automatic updates for Enigmail until this bug introduced in 1.9 has been sorted out. You can disable them by clicking on the "more" Link that's in the description text of the Enigmail extension in the Thunderbird Add-ons page.

Related Question