split-gpg2 client does not show keys imported in sys-pgp

Question

split-gpg2 client does not show keys imported in sys-pgp

radek-otee opened this issue 5 months ago · 5 comments

radek-otee commented 5 months ago

Commitment

I confirm that I have read the following resources:

Software version

Qubes OS 4.2.1

Brief summary

Steps to reproduce

% gpg -vvv --list-secret-keys
gpg: using character set 'utf-8'
gpg: using pgp trust model
gpg: key XXXXXXXXXXXX: accepted as trusted key
gpg: key XXXXXXXXXXXX: accepted as trusted key
gpg: connection to agent is in restricted mode

Expected behavior

Expected to see the imported keys upon gpg -K

Actual behavior

No output, or the output above with higher verbosity.

.

Answer 1 · 2024-06-24T12:09:11.000Z

gpg: connection to agent is in restricted mode

This is just a warning message. I get it also and the keys are shown.

On sys-pgp:

cd ~/.gnupg/split-gpg/CLIENTQUBE
gpg --homedir . --list-secret-keys

On CLIENTQUBE

gpg -K

Did you import the public key to CLIENTQUBE?

You can redact the key information with XXXXX as you did above.

Answer 2 · 2024-06-24T14:07:00.000Z

@ben-grande

Went through the following steps:

sys-pgp$ gpg --homedir ~/.gnupg/split-gpg/dev --gen-key
sys-pgp$ gpg --export > public-keys-export
sys-pgp$ gpg --export-ownertrust > ownertrust-export
sys-pgp$ qvm-copy public-keys-export ownertrust-export

dev$ gpg --import ~/QubesIncoming/sys-pgp/public-keys-export
dev$ gpg --import-ownertrust ~/QubesIncoming/sys-pgp/ownertrust-export

And no keys visible with gpg -K

Answer 3 · 2024-06-24T14:25:06.000Z

On sys-pgp:

cat ~/.config/qubes-split-gpg2/qubes-split-gpg2.conf
cat ~/.config/sh/profile.d/split-gpg2.sh
zenity --question --title title --text text

On dev:

gpg -vvv --list-secret-keys

Redact secret key information, but show what is relevant in the verbose log.

Answer 4 · 2024-06-24T14:29:57.000Z

On sys-pgp:

cat ~/.config/qubes-split-gpg2/qubes-split-gpg2.conf

[DEFAULT]
autoaccept = 86400
pksign_autoaccept = 86400
pkdecrypt_autoaccept = 86400
verbose_notifications = yes
allow_keygen = no
#gnupghome =
isolated_gnupghome_dirs = ~/.gnupg/split-gpg
#debug_log =
#source_keyring_dir =

cat ~/.config/sh/profile.d/split-gpg2.sh

export GSK_RENDERER=cairo LIBGL_ALWAYS_SOFTWARE=1

zenity --question --title title --text text

libEGL warning: DRI2: failed to authenticate
MESA: error: ZINK: failed to choose pdev
libEGL warning: egl: failed to create dri2 screen
Couldn't open libGLESv2.so.2: libGLESv2.so.2: cannot open shared object file: No such file or directory
Aborted (core dumped)

On dev:
gpg -vvv --list-secret-keys

% gpg -vvv -K
gpg: using character set 'utf-8'
gpg: using pgp trust model
gpg: key XXXXXXXXXXXXXXXX: accepted as trusted key
gpg: key XXXXXXXXXXXXXXXX: accepted as trusted key
gpg: connection to agent is in restricted mode

Answer 5 · 2024-06-24T14:34:09.000Z

Couldn't open libGLESv2.so.2: libGLESv2.so.2: cannot open shared object file: No such file or directory
Aborted (core dumped)

This is the error, thanks for sharing, issue has been fixed. Commit will come soon.