5

I'm trying to import my PGP identity including secret keys to a new computer by connecting to a computer which has the secret key, and running

ssh othercomputer cat myself.gpg | gpg2 --import

When doing this, it looks like GPG is importing the public keys, but not the private ones. When examining the output closer, I can see that it says "error sending to agent: operation cancelled" which I assume has something to do with the problem.

I have

  • tried specifying a pinentry-program in gpg-agent.conf;
  • restarted gpg-agent and triple-checked it is running; and
  • verified that the versions of gpg-agent and gpg match.
kqr
  • 181
  • 1
  • 6

3 Answers3

3

The issue – I think – is that GnuPG detects that it is running in a pipe, i.e. in a non-interactive shell. Since non-interactive means there's no user interacting with it, there is little point in showing a pinentry dialog – at least in most cases.

The easiest solution is to store myself.gpg on the local drive and then import it in a separate command. I understand this solution may have some repercussions in terms of privacy and secrecy, so do understand the consequences of this choice before you blindly follow advice.

kqr
  • 181
  • 1
  • 6
  • A similar issue occurs when trying to import password-protected private key via pipe from paperkey. – elquimista Nov 12 '18 at 18:21
  • 2
    @kqr that is true, and the solution is to use a text-based pinentry, like `pinentry-curses`. You might have it already installed, but another pinentry program is the default one. On Debian you can `sudo update-alternatives --config pinentry` to set the ncurses version as default. This is usually a symlink from `/usr/bin/pinentry` -> `/etc/alternatives/pinentry` -> `/usr/bin/pinentry-curses`. – goetz Jan 06 '19 at 18:54
  • 1
    @goetzc Thanks, this helped me out today! – Mark LeMoine Apr 04 '19 at 18:00
0

Set pinentry-mode on the command line or in the ~/.gnupg/gpg.conf file.

--pinentry-mode loopback

or just

pinentry-mode loopback in the config file.

Deathgrip
  • 101
  • 1
0

Adding pinentry-mode loopback in the ~/.gnupg/gpg.conf file works for Ubuntu 20.04

Flavius Burca
  • 1