Friday, January 24, 2020

When logged into a server via SSH, usually any attempt to decrypt a file with GPG results in an unhelpful error message like:

gpg: cancelled by user
...
gpg: decryption failed: No secret key

with no attempt made to ask for a password.

Fix for this is simply to execute: export GPG_TTY=`tty`,

Note that if pinentry-program in ~/.gnupg/gpg-agent.conf is set to /usr/bin/pinentry-gtk, and this is an alias for /usr/bin/pinentry-gtk-2, set pinentry-program to the latter (/usr/bin/pinentry-gtk-2), which appears to change the behaviour (pinentry-gtk-2 should be able to automatically detect whether to execute in GUI or text mode, whereas the original pinentry-gtk is GUI-only.

See also "Forcing GPG passphrase input in the terminal".

Posted at 6:07 AM |Comments (0)