Script execution failed: cancelled by user & decryption failed: No secret key

kierun commented

2018-10-02 14:24:58 +02:00

(Migrated from github.com)

General information. Describe your environment

Versions
- Operating system: CentOS7 7.5.1804 (Core)
- Browser: Firefox 62.0.2 (64-bit)
- PassFF: 1.5.1
- Host app: 1.0.2

Status line output: [hh:mm:ss] show -> (0)

show -> (2) gpg: cancelled by user gpg: decryption failed: No secret key

Your preferences

Those appear to be sane. The pass commands work fine from a shell.

Messages in the web console:

[PassFF.content] Message Page.notify received in content

Actual behaviour

Every time I try to fill some password, I get a window saying:

Script execution failed:
gpg: cancelled by user
gpg: decryption failed: No secret key

Expected behaviour

I expected a GPG prompt to enter my password.

Steps to reproduce the behaviour

I suspect an error between keyboard and floor but am unsure where to start to look at what I am doing wrong.

### General information. Describe your environment  - Versions - Operating system: CentOS7 7.5.1804 (Core) - Browser: Firefox 62.0.2 (64-bit) - PassFF: 1.5.1 - Host app: 1.0.2 Status line output: `[hh:mm:ss] show -> (0)`  `show -> (2) gpg: cancelled by user gpg: decryption failed: No secret key `  - Your preferences Those appear to be sane. The `pass` commands work fine from a shell. - Messages in the web console: `[PassFF.content] Message Page.notify received in content` --- ### Actual behaviour Every time I try to fill some password, I get a window saying: ``` Script execution failed: gpg: cancelled by user gpg: decryption failed: No secret key ``` ### Expected behaviour I expected a GPG prompt to enter my password. ### Steps to reproduce the behaviour I suspect an error between keyboard and floor but am unsure where to start to look at what I am doing wrong.

5bentz commented

2018-10-12 22:58:59 +02:00

(Migrated from github.com)

Hey kierun,

When you try to fill a password with PassFF, are you prompted for a password?
When you use pass, does it prompt a pinentry in the terminal?

If the answers to those questions are no then yes, could it be a pinentry issue?

See https://github.com/passff/passff#nothing-happens-when-i-click-on-a-password-and-select-an-action

Hey kierun, 1. When you try to fill a password with PassFF, are you prompted for a password? 2. When you use `pass`, does it prompt a pinentry in the terminal? If the answers to those questions are *no* then *yes*, could it be a pinentry issue? See https://github.com/passff/passff#nothing-happens-when-i-click-on-a-password-and-select-an-action

kierun commented

2018-10-15 11:30:23 +02:00

(Migrated from github.com)

When you try to fill a password with PassFF, are you prompted for a password?

No I am not. Just a result that something failed.

When you use pass, does it prompt a pinentry in the terminal?

Yes, I am. Although it is the console version and not a GUI.

; sudo dnf install pinentry                                                     
Last metadata expiration check: 17:30:53 ago on Sun 14 Oct 2018 17:00:05 BST.   
Package pinentry-0.8.1-17.el7.x86_64 is already installed, skipping.            
Dependencies resolved.                                                          
Nothing to do.                                                                  
Complete!                                                                       
;                                                                               
; ls -l /usr/bin/pinentry                                                       
4.0K -rwxr-xr-x. 1 root root 2.6K Nov  4  2016 /usr/bin/pinentry*

> When you try to fill a password with PassFF, are you prompted for a password? No I am not. Just a result that something failed. > When you use pass, does it prompt a pinentry in the terminal? Yes, I am. Although it is the console version and not a GUI. ``` ; sudo dnf install pinentry Last metadata expiration check: 17:30:53 ago on Sun 14 Oct 2018 17:00:05 BST. Package pinentry-0.8.1-17.el7.x86_64 is already installed, skipping. Dependencies resolved. Nothing to do. Complete! ; ; ls -l /usr/bin/pinentry 4.0K -rwxr-xr-x. 1 root root 2.6K Nov 4 2016 /usr/bin/pinentry* ```

5bentz commented

2018-10-15 22:26:29 +02:00

(Migrated from github.com)

Thanks for the answers.
PassFF requires a GUI pinentry since the host app (passff.py) runs pass non-interactively.
You can either install a GUI pinentry (pinentry-gtk or pinentry-qt), or still use the console version + gpg's cache.

Tell me if it fixes your issue :)
I will add in the doc that the GUI pinentry is necessary.

Do you know a good website about CentOS packages? A CentOS/RHEL equivalent to https://www.debian.org/distrib/packages ?
My best catch is https://pkgs.org/

Oh I didn't know the dnf pkg manager for CentOS :octocat:

Thanks for the answers. PassFF requires a GUI pinentry since the host app (`passff.py`) runs `pass` non-interactively. You can either install a GUI pinentry (`pinentry-gtk` or `pinentry-qt`), or still use the console version + gpg's cache. Tell me if it fixes your issue :) I will add in the doc that the GUI pinentry is necessary. Do you know a good website about CentOS packages? A CentOS/RHEL equivalent to https://www.debian.org/distrib/packages ? My best catch is https://pkgs.org/ Oh I didn't know the `dnf` pkg manager for CentOS :octocat:

kierun commented

2018-10-16 09:26:33 +02:00

(Migrated from github.com)

PassFF requires a GUI pinentry since the host app (passff.py) runs pass non-interactively.
You can either install a GUI pinentry (pinentry-gtk or pinentry-qt), or still use the console version + gpg's cache.

There is no pinentry-gtk in the official repos but pinentry-qt is there. I am working from home for the next couple of days so cannot check it. I will update Thursday.

Do you know a good website about CentOS packages?

'fraid not. There are a few around but I tend to use dnf search X to get whatever containing X to show.

Oh I didn't know the dnf pkg manager for CentOS :octocat:

Yes, you can use it although it's experimental. I like living on the edge. ☺

> PassFF requires a GUI pinentry since the host app (passff.py) runs pass non-interactively. > You can either install a GUI pinentry (pinentry-gtk or pinentry-qt), or still use the console version + gpg's cache. There is no `pinentry-gtk` in the official repos but `pinentry-qt` is there. I am working from home for the next couple of days so cannot check it. I will update Thursday. > Do you know a good website about CentOS packages? 'fraid not. There are a few around but I tend to use `dnf search X` to get whatever containing X to show. > Oh I didn't know the dnf pkg manager for CentOS :octocat: Yes, you can use it although it's experimental. I like living on the edge. ☺

kierun commented

2018-10-19 09:28:52 +02:00

(Migrated from github.com)

I installed all the pinentries I could find. I have not restart my machine but that should not matter. I am still getting the same problem.

I wonder if this is because the first thing that the code looks for is pinentry thus the console one…

If I run pass … in a console then the auto-fill works fine. I suspect pinentry caches the authentication for a little while so I can get around the issue but it's annoying. It works fine on my Fedora machine.

I installed all the pinentries I could find. I have not restart my machine but that should not matter. I am still getting the same problem. I wonder if this is because the first thing that the code looks for is `pinentry` thus the console one… If I run `pass …` in a console then the auto-fill works fine. I suspect pinentry caches the authentication for a little while so I can get around the issue but it's annoying. It works fine on my Fedora machine.

5bentz commented

2018-10-19 21:13:59 +02:00

(Migrated from github.com)

I installed all the pinentries I could find. I have not restart my machine but that should not matter. I am still getting the same problem.

You probably have to configure gpg2 to use a GUI pinentry. Or maybe you have to reload the gpg-agent. Restart if you can.
See https://wiki.archlinux.org/index.php/GnuPG#pinentry

If I run pass … in a console then the auto-fill works fine. I suspect pinentry caches the authentication for a little while so I can get around the issue but it's annoying

Yes, gpg-agent do caches your passphrase for a while, the duration of retention is configurable.

I wonder if this is because the first thing that the code looks for is pinentry thus the console one…

This is indeed what gpg-agent looks for first.
If /usr/bin/pinentry is a symlink on your system, you could also modify it, or configure update-alternatives to do it for you ;)

> I installed all the pinentries I could find. I have not restart my machine but that should not matter. I am still getting the same problem. You probably have to configure gpg2 to use a GUI pinentry. Or maybe you have to reload the gpg-agent. Restart if you can. See https://wiki.archlinux.org/index.php/GnuPG#pinentry > If I run `pass …` in a console then the auto-fill works fine. I suspect pinentry caches the authentication for a little while so I can get around the issue but it's annoying Yes, gpg-agent do caches your passphrase for a while, the duration of retention is configurable. > I wonder if this is because the first thing that the code looks for is `pinentry` thus the console one… This is indeed what gpg-agent looks for first. If `/usr/bin/pinentry` is a symlink on your system, you could also modify it, or configure `update-alternatives` to do it for you ;)

kierun commented

2018-10-22 08:59:06 +02:00

(Migrated from github.com)

You probably have to configure gpg2 to use a GUI pinentry.

And this was the solution! ☺

Many thanks indeed for taking the time and effort to help me debug this. It is much appreciated.

> You probably have to configure gpg2 to use a GUI pinentry. And this was the solution! ☺ Many thanks indeed for taking the time and effort to help me debug this. It is much appreciated.

5bentz commented

2018-10-22 20:00:55 +02:00

(Migrated from github.com)

Nice, I'm glad the pinentry was the culprit ;)
I'm updating the README to explicitly document this dependency.

Thanks for using PassFF and supporting our work 👍

Nice, I'm glad the pinentry was the culprit ;) I'm updating the README to explicitly document this dependency. Thanks for using PassFF and supporting our work :+1:

kierun commented

2018-10-23 11:46:53 +02:00

(Migrated from github.com)

Thanks for using PassFF and supporting our work +1

You are most welcome. Thank you again for your time and support

> Thanks for using PassFF and supporting our work +1 You are most welcome. Thank you again for your time and support

Rows
Columns

Script execution failed: cancelled by user & decryption failed: No secret key #367

General information. Describe your environment

Actual behaviour

Expected behaviour

Steps to reproduce the behaviour