decrypting emails with enigmail in thunderbird does not work anymore.
It is because I don't get the chance to punch in my passphrase, a form asking me to do so used to pop up, now it's not and I'm getting this message:
Error – no matching private/secret key found to decrypt message; click on 'Details' button for more information
The private key is available though, since
gpg -d Desktop/mail.eml
makes the form appear. After filling in my passphrase I can read the decrypted mail within the terminal.
Another hint for a problem with the passphrases appeared when I created to new keys today. I could not create a revocation certificate because there was no passphrase set. Which, again, is not true.
I first noticed the problem on Monday, August 31st.
I checked the internet for a bit and then did the following:
-
Make sure an instance of gpg-agent is running:
gpg-agent -v
returns
gpg-agent: gpg-agent running and available
Content of .gnupg/gpg-agent.conf:
default-cache-ttl 0
max-cache-ttl 0 -
Go to
dconf Editor desktop->gnome->crypto->cache
and setgpg-cache-ttl
to0
-
Thunderbird Enigmail->Clear Saved Passphrases
gives an Enigmail Alert saying:You are using gpg-agent for passphrase handling. Clearing the passphrase is therefore not possible from within Enigmail.
Thunderbird Enigmail->Preferences->Basic Remember passphrase for 0 minutes of idle time
-
Make
gpg-agent
forget my passphrase:pkill -SIGHUP gpg-agent
-
Seahorse->GnuPG keys
delete all keys and reimport them
None of that list made any difference to the problem. I wonder, how do I get Enigmail to ask for my passphrase again?
Thanks in advance!
Bronk
Edit
- Removing
/etc/xdg/autostart/gnome-keyring-gpg.desktop
didn't do anything. - Removing
seahorse
didn't do anything. -
Using
decrypt-file
:Couldn't decrypt file: mail.eml.pgp Bad passphrase
Best Answer
Try this: https://www.enigmail.net/support/gnupg2_issues.php In my case, I need install a grafical version of pinentry (pinentry-qt4 package).
"Resolving issues with GnuPG 2.x and gpg-agent
Note GnuPG 2.x requires an "agent" to handle passphrases. By default this is done by gpg-agent, but there are other tools implementing a subset of its functionality. These instructions are for gpg-agent only. If you use an agent like gnome-keyring, seahorse-agent or the KDE Wallet Manager, then these instructions don't apply. Most common Problem
Symptoms
The most common issue is that gpg-agent (a part of GnuPG) cannot launch pinentry (the tool used to query your passphrase). Enigmail would display messages like:
How to Analyze
How to Fix it