tag:dreamwidth.org,2010-03-06:483469Move along, nothing to readA dis-illusioned software engineerrobbat22015-06-12T17:54:14Ztag:dreamwidth.org,2010-03-06:483469:238770gnupg-2.1 mutt2015-06-05T17:25:29Z2015-06-12T17:54:14Zpublic0<p>For the mutt users with GnuPG, depending on your configuration, you might notice that mutt's handling of GnuPG mail stopped working with GnuPG. There were a few specific cases that would have caused this, which I'll detail, but if you just want it to work again, put the below into your <tt>Muttrc</tt>, and make the tweak to <tt>gpg-agent.conf</tt>. The underlying cause for most if it is that secret key operations have moved to the agent, and many Mutt users used the agent-less mode, because Mutt handled the passphrase nicely on it's own.</p>
<ul>
<li><tt>-u</tt> must now come BEFORE <tt>--cleansign</tt></li>
<li>Add <tt>allow-loopback-pinentry</tt> to <tt>gpg-agent.conf</tt>, and restart the agent</li>
<li>The below config adds <tt>--pinentry-mode loopback</tt> before <tt>--passphrase-fd 0</tt>, so that GnuPG (and the agent) will accept it from Mutt still.</li>
<li><tt>--verbose</tt> is optional, depending what you're doing, you might find <tt>--no-verbose</tt> cleaner.</li>
<li><tt>--trust-model always</tt> is a personal preference for my Mutt mail usage, because I do try and curate my keyring</li>
</ul>
<pre>
set pgp_autosign = yes
set pgp_use_gpg_agent = no
set pgp_timeout = 600
set pgp_sign_as="(your key here)"
set pgp_ignore_subkeys = no
set pgp_decode_command="gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --verbose --no-auto-check-trustdb --batch --output - %f"
set pgp_verify_command="gpg --pinentry-mode loopback --verbose --batch --output - --no-auto-check-trustdb --verify %s %f"
set pgp_decrypt_command="gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --verbose --batch --output - %f"
set pgp_sign_command="gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --verbose --batch --output - --armor --textmode %?a?-u %a? --detach-sign %f"
set pgp_clearsign_command="gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --verbose --batch --output - --armor --textmode %?a?-u %a? --detach-sign %f"
set pgp_encrypt_sign_command="pgpewrap gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --verbose --batch --textmode --trust-model always --output - %?a?-u %a? --armor --encrypt --sign --armor -- -r %r -- %f"
set pgp_encrypt_only_command="pgpewrap gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --verbose --batch --trust-model always --output --output - --encrypt --textmode --armor -- -r %r -- %f"
set pgp_import_command="gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --verbose --import -v %f"
set pgp_export_command="gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --verbose --export --armor %r"
set pgp_verify_key_command="gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --verbose --batch --fingerprint --check-sigs %r"
set pgp_list_pubring_command="gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --verbose --batch --with-colons --list-keys %r"
set pgp_list_secring_command="gpg %?p?--pinentry-mode loopback --passphrase-fd 0? --verbose --batch --with-colons --list-secret-keys %r"
</pre><br /><br /><img src="https://www.dreamwidth.org/tools/commentcount?user=robbat2&ditemid=238770" width="30" height="12" alt="comment count unavailable" style="vertical-align: middle;"/> comments