gpg: signing failed: Operation cancelled

[EdricChan03]

Description

When attempting to sign with gpg, an error is thrown indicating the operation was cancelled.

Setup

Computer Hardware

• Processor: AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx 2.10 GHz
• RAM: 16 GB (13.9 GB usable)
• System type: 64-bit operating system, x64-based processor

OS version

• Edition: Windows 10 Home
• Version: 2004
• OS build: 19041.508

Other

• gpg version: 2.2.19
• Version of pinentry-wsl-ps1.sh: master (last updated: 19 Nov 2018)
• Version of the (optional) davotronic5000/PowerShell_Credential_Manager: 2.0
• Describe how you installed pinentry-wsl-ps1.sh on your computer:
  1. Navigate to the user's private bin repository. (Located in $HOME/bin)
  2. Run wget https://raw.githubusercontent.com/diablodale/pinentry-wsl-ps1/master/pinentry-wsl-ps1.sh.
  3. Change permissions with chmod ug=rx pinentry-wsl-ps1.sh.
  4. Followed the instructions in README file
• Detail any options you changed inside the pinentry-wsl-ps1.sh file
  • Updated the PERSISTENCE value to "System".
  • Updated the NOTIFY value to "0".
  • Updated the DEBUGLOG value to "$HOME/pintrace.log".

Steps to reproduce

1. Edit your ~/.gnupg/gpg-agent.conf file and include the following settings. Replace username or the whole path to a location you want to create the log file.

   debug 1024
   debug-pinentry
   log-file /home/username/agent.log

2. Kill and restart gpg-agent
3. Run echo "test" | gpg --clearsign. An error should appear on the console.

Actual Result

Running echo "test" | gpg --clearsign results in the log below:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

test
gpg: signing failed: Operation cancelled
gpg: [stdin]: clear-sign failed: Operation cancelled

Expected Result

I would expect a password prompt dialog to appear requesting for the key's password.

Workarounds

Use the TTY instead for the password prompt:

~/.profile:

export GPG_TTY=$(tty)

GPG-agent log file

2020-09-22 00:03:45 gpg-agent[8163] redirecting socket '/home/edricchan/.gnupg/S.gpg-agent' to '/dev/shm/S.gpg-agent'
2020-09-22 00:03:45 gpg-agent[8163] listening on socket '/dev/shm/S.gpg-agent'
2020-09-22 00:03:45 gpg-agent[8163] redirecting socket '/home/edricchan/.gnupg/S.gpg-agent.extra' to '/dev/shm/S.gpg-agent.extra'
2020-09-22 00:03:45 gpg-agent[8163] listening on socket '/dev/shm/S.gpg-agent.extra'
2020-09-22 00:03:45 gpg-agent[8163] redirecting socket '/home/edricchan/.gnupg/S.gpg-agent.browser' to '/dev/shm/S.gpg-agent.browser'
2020-09-22 00:03:45 gpg-agent[8163] listening on socket '/dev/shm/S.gpg-agent.browser'
2020-09-22 00:03:45 gpg-agent[8163] redirecting socket '/home/edricchan/.gnupg/S.gpg-agent.ssh' to '/dev/shm/S.gpg-agent.ssh'
2020-09-22 00:03:45 gpg-agent[8163] listening on socket '/dev/shm/S.gpg-agent.ssh'
2020-09-22 00:03:45 gpg-agent[8164] gpg-agent (GnuPG) 2.2.19 started
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK Pleased to meet you, process 8161
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- RESET
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- OPTION ttyname=/dev/pts/2
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- OPTION ttytype=xterm-256color
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- OPTION lc-ctype=C.UTF-8
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- OPTION lc-messages=C.UTF-8
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- GETINFO version
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> D 2.2.19
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- OPTION allow-pinentry-notify
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- OPTION agent-awareness=2.1.0
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- SCD SERIALNO
2020-09-22 00:03:45 gpg-agent[8164] no running SCdaemon - starting it
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- ERR 67109133 can't exec `/usr/lib/gnupg/scdaemon': No such file or directory
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> BYE
2020-09-22 00:03:45 gpg-agent[8164] can't connect to the SCdaemon: IPC connect call failed
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> ERR 67108983 No SmartCard daemon <GPG Agent>
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- HAVEKEY <redacted>
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> ERR 67108881 No secret key <GPG Agent>
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- HAVEKEY <redacted>
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- HAVEKEY <redacted> <redacted> <redacted> <redacted> <redacted>
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- HAVEKEY <redacted>
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- HAVEKEY <redacted>
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- KEYINFO <redacted>
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> S KEYINFO <redacted> D - - - P - - -
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- RESET
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- SIGKEY <redacted>
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- SETKEYDESC Please+enter+the+passphrase+to+unlock+the+OpenPGP+secret+key:%0A%22Edric+Chan+(Key+used+for+Github+commit+signing)+<edric.chan.1997@gmail.com>%22%0A4096-bit+RSA+key,+ID+<redacted>,%0Acreated+2020-04-17+(main+key+ID+<redacted>).%0A
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- SETHASH 10 <redacted>
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 -> OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_10 <- PKSIGN
2020-09-22 00:03:45 gpg-agent[8164] starting a new PIN Entry
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK Your orders please
2020-09-22 00:03:45 gpg-agent[8164] DBG: connection to PIN entry established
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION no-grab
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION ttyname=/dev/pts/2
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION ttytype=xterm-256color
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION lc-ctype=C.UTF-8
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION lc-messages=C.UTF-8
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION allow-external-password-cache
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION default-ok=_OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION default-cancel=_Cancel
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION default-yes=_Yes
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION default-no=_No
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION default-prompt=PIN:
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION default-pwmngr=_Save in password manager
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION default-cf-visi=Do you really want to make your passphrase visible on the screen?
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION default-tt-visi=Make passphrase visible
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:45 gpg-agent[8164] DBG: chan_11 -> OPTION default-tt-hide=Hide passphrase
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 -> OPTION touch-file=/home/edricchan/.gnupg/S.gpg-agent
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 -> OPTION owner=8161 Edrics-PC
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 -> GETINFO flavor
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- ERR 83886355 unknown command
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 -> GETINFO version
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- D 0.2.1
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 -> GETINFO ttyinfo
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- ERR 83886355 unknown command
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 -> GETINFO pid
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- D 8167
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_10 -> INQUIRE PINENTRY_LAUNCHED 8167 unknown 0.2.1 ? ? ?
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_10 <- END
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 -> SETKEYINFO n/<redacted>
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 -> SETDESC Please enter the passphrase to unlock the OpenPGP secret key:%0A%22Edric Chan (Key used for Github commit signing) <edric.chan.1997@gmail.com>%22%0A4096-bit RSA key, ID <redacted>,%0Acreated 2020-04-17 (main key ID <redacted>).%0A
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 -> SETPROMPT Passphrase:
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- OK
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 -> [[Confidential data not shown]]
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 <- [[Confidential data not shown]]
2020-09-22 00:03:46 gpg-agent[8164] DBG: error calling pinentry: Operation cancelled <Pinentry>
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_11 -> BYE
2020-09-22 00:03:46 gpg-agent[8164] failed to unprotect the secret key: Operation cancelled
2020-09-22 00:03:46 gpg-agent[8164] failed to read the secret key
2020-09-22 00:03:46 gpg-agent[8164] command 'PKSIGN' failed: Operation cancelled <Pinentry>
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_10 -> ERR 83886179 Operation cancelled <Pinentry>
2020-09-22 00:03:46 gpg-agent[8164] DBG: chan_10 <- [eof]

[diablodale]

Hi. In reviewing what you provided I noticed a few things...

1. You set PERSISTENCE to a value that is not supported. The only values that are supported are: "", "Session", "LocalMachine", or "Enterprise"
2. There is additional debugging information that might help. You already set DEBUGLOG value to "$HOME/pintrace.log". Would you please attach an agent.log and pintrace.log from the same gpg session so that I can review them both to trace activity? Please do check it for any data that needs to be redacted before attaching it.
3. What version of wsl are you using? Please attach the output of uname -a. Personally, I continue to use WSL1 for its stable and known behaviors -- I have never tried this pinentry solution in WSL2.
4. What linux distribution+version are you running in wsl?
5. I see in the log file you attached that you are redirecting the gpg agent sockets like S.gpg-agent to /dev/shm/S.gpg-agent. I used to do that also but it is no longer needed. Recent versions of WSL1 and all versions of WSL2 support sockets in the filesystem. Have you experimented if this issue is related to the socket redirection or the filesystem?

:-)

[EdricChan03]

Thanks for the swift reply! As for your questions:

1. I've actually set the PERSISTENCE value to "Session" instead of "System". That was a wrong move on my part.
2. Sure. Here are the logs:
   • pintrace.log:

     OPTION no-grab
     OPTION ttyname=/dev/pts/0
     OPTION ttytype=xterm-256color
     OPTION lc-ctype=C.UTF-8
     OPTION lc-messages=C.UTF-8
     OPTION allow-external-password-cache
     OPTION default-ok=_OK
     OPTION default-cancel=_Cancel
     OPTION default-yes=_Yes
     OPTION default-no=_No
     OPTION default-prompt=PIN:
     OPTION default-pwmngr=_Save in password manager
     OPTION default-cf-visi=Do you really want to make your passphrase visible on the screen?
     OPTION default-tt-visi=Make passphrase visible
     OPTION default-tt-hide=Hide passphrase
     OPTION touch-file=/home/edricchan/.gnupg/S.gpg-agent
     OPTION owner=355 Edrics-PC
     GETINFO flavor
     GETINFO version
     GETINFO ttyinfo
     GETINFO pid
     SETKEYINFO n/<redacted>
     SETDESC Please enter the passphrase to unlock the OpenPGP secret key:%0A%22Edric Chan (Key used for Github commit signing) <edric.chan.1997@gmail.com>%22%0A4096-bit RSA key, ID <redacted>,%0Acreated 2020-04-17 (main key ID <redacted>).%0A
     SETPROMPT Passphrase:
     GETPIN
     BYE

   • gpg-agent.log (separate session):

     2020-09-22 10:42:29 gpg-agent[357] redirecting socket '/home/edricchan/.gnupg/S.gpg-agent' to '/dev/shm/S.gpg-agent'
     2020-09-22 10:42:29 gpg-agent[357] listening on socket '/dev/shm/S.gpg-agent'
     2020-09-22 10:42:29 gpg-agent[357] redirecting socket '/home/edricchan/.gnupg/S.gpg-agent.extra' to '/dev/shm/S.gpg-agent.extra'
     2020-09-22 10:42:29 gpg-agent[357] listening on socket '/dev/shm/S.gpg-agent.extra'
     2020-09-22 10:42:29 gpg-agent[357] redirecting socket '/home/edricchan/.gnupg/S.gpg-agent.browser' to '/dev/shm/S.gpg-agent.browser'
     2020-09-22 10:42:29 gpg-agent[357] listening on socket '/dev/shm/S.gpg-agent.browser'
     2020-09-22 10:42:29 gpg-agent[357] redirecting socket '/home/edricchan/.gnupg/S.gpg-agent.ssh' to '/dev/shm/S.gpg-agent.ssh'
     2020-09-22 10:42:29 gpg-agent[357] listening on socket '/dev/shm/S.gpg-agent.ssh'
     2020-09-22 10:42:29 gpg-agent[358] gpg-agent (GnuPG) 2.2.19 started
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK Pleased to meet you, process 355
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- RESET
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- OPTION ttyname=/dev/pts/0
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- OPTION ttytype=xterm-256color
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- OPTION lc-ctype=C.UTF-8
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- OPTION lc-messages=C.UTF-8
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- GETINFO version
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> D 2.2.19
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- OPTION allow-pinentry-notify
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- OPTION agent-awareness=2.1.0
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- SCD SERIALNO
     2020-09-22 10:42:29 gpg-agent[358] no running SCdaemon - starting it
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 <- ERR 67109133 can't exec `/usr/lib/gnupg/scdaemon': No such file or directory
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 -> BYE
     2020-09-22 10:42:29 gpg-agent[358] can't connect to the SCdaemon: IPC connect call failed
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> ERR 67108983 No SmartCard daemon <GPG Agent>
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- HAVEKEY <redacted>
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> ERR 67108881 No secret key <GPG Agent>
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- HAVEKEY <redacted>
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- HAVEKEY <redacted> <redacted> <redacted> <redacted> <redacted>
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- HAVEKEY <redacted>
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- HAVEKEY <redacted>
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- KEYINFO <redacted>
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> S KEYINFO <redacted> D - - - P - - -
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- RESET
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- SIGKEY <redacted>
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- SETKEYDESC Please+enter+the+passphrase+to+unlock+the+OpenPGP+secret+key:%0A%22Edric+Chan+(Key+used+for+Github+commit+signing)+<edric.chan.1997@gmail.com>%22%0A4096-bit+RSA+key,+ID+<redacted>,%0Acreated+2020-04-17+(main+key+ID+<redacted>).%0A
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- SETHASH 10 <redacted>
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 -> OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_10 <- PKSIGN
     2020-09-22 10:42:29 gpg-agent[358] starting a new PIN Entry
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 <- OK Your orders please
     2020-09-22 10:42:29 gpg-agent[358] DBG: connection to PIN entry established
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 -> OPTION no-grab
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 -> OPTION ttyname=/dev/pts/0
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 -> OPTION ttytype=xterm-256color
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 -> OPTION lc-ctype=C.UTF-8
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 -> OPTION lc-messages=C.UTF-8
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:29 gpg-agent[358] DBG: chan_11 -> OPTION allow-external-password-cache
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 -> OPTION default-ok=_OK
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 -> OPTION default-cancel=_Cancel
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 -> OPTION default-yes=_Yes
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 -> OPTION default-no=_No
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 -> OPTION default-prompt=PIN:
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 -> OPTION default-pwmngr=_Save in password manager
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 -> OPTION default-cf-visi=Do you really want to make your passphrase visible on the screen?
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 -> OPTION default-tt-visi=Make passphrase visible
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:30 gpg-agent[358] DBG: chan_11 -> OPTION default-tt-hide=Hide passphrase
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 -> OPTION touch-file=/home/edricchan/.gnupg/S.gpg-agent
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 -> OPTION owner=355 Edrics-PC
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 -> GETINFO flavor
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- ERR 83886355 unknown command
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 -> GETINFO version
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- D 0.2.1
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 -> GETINFO ttyinfo
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- ERR 83886355 unknown command
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 -> GETINFO pid
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- D 361
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_10 -> INQUIRE PINENTRY_LAUNCHED 361 unknown 0.2.1 ? ? ?
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_10 <- END
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 -> SETKEYINFO n/<redacted>
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 -> SETDESC Please enter the passphrase to unlock the OpenPGP secret key:%0A%22Edric Chan (Key used for Github commit signing) <edric.chan.1997@gmail.com>%22%0A4096-bit RSA key, ID <redacted>,%0Acreated 2020-04-17 (main key ID <redacted>).%0A
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 -> SETPROMPT Passphrase:
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- OK
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 -> [[Confidential data not shown]]
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 <- [[Confidential data not shown]]
     2020-09-22 10:42:31 gpg-agent[358] DBG: error calling pinentry: Operation cancelled <Pinentry>
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_11 -> BYE
     2020-09-22 10:42:31 gpg-agent[358] failed to unprotect the secret key: Operation cancelled
     2020-09-22 10:42:31 gpg-agent[358] failed to read the secret key
     2020-09-22 10:42:31 gpg-agent[358] command 'PKSIGN' failed: Operation cancelled <Pinentry>
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_10 -> ERR 83886179 Operation cancelled <Pinentry>
     2020-09-22 10:42:31 gpg-agent[358] DBG: chan_10 <- [of]

3. I'm using WSL2; output of uname -a: Linux Edrics-PC 4.19.128-microsoft-standard #1 SMP Tue Jun 23 12:58:10 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
4. Output of lsb_release -a:

   No LSB modules are available.
   Distributor ID: Ubuntu
   Description:    Ubuntu 20.04 LTS
   Release:        20.04
   Codename:       focal

5. I'm actually not quite sure as to why I had set the gpg-agent sockets, nor do I remember when I had set it. However, it seems that clearing the contents of the socket files and restarting gpg-agent has no effect on the script.

[diablodale]

I don't see an immediate fix, and I don't see an immediate cause. More research will be needed.

1. If I were to guess with no research, my guess there is a WSL2 related issue. Do your repro steps work correctly if you use WSL1 with Ubuntu 18.04? You can install that side-by-side with your WSL2 setup.
2. What happens if you set PERSISTENCE=""? You should get a Windows UI prompt for your passwords but they will never be persisted. Personally, I use Enterprise persistence though all three should function.

Our gpg versions are slightly different. There could be an issue there.

Your pintrace.log suggests the pinentry-wsl-ps1.sh is working as expected. I turned on the debug log with my WSL1 setup and got line-for-line same log entries except for...

• My WSL1 has /dev/tty1. Your WSL2 has /dev/pts/0. If I open a WSL2 Debian on my machine, my tty is /dev/pts/0. That's good to see we can have similar tty setups.
• Our home directories and setkeyinfo lines are naturally different. This does not concern me.

I'm booked with other work this week, but will have some time next week to dig further into this. Your answers to the above 2 inquires can help me discover what is different between our setups and isolate the issue/fix. :-)

[EdricChan03]

1. Seems that running the same setup on WSL1 yields a different error message without the pinentry-program config:

   gpg: using "<redacted>" as default secret key for signing
   -----BEGIN PGP SIGNED MESSAGE-----
   Hash: SHA512
   
   test
   gpg: signing failed: Permission denied
   gpg: [stdin]: clear-sign failed: Permission denied

   Which can be resolved by adding a flag --pinentry-mode=loopback to the command (more info from this AskUbuntu question), where an "Enter passphrase:" prompt appears.

   ---

   However, uncommenting the pinentry-program results in the same error message being outputted:

   gpg: using "<redacted>" as default secret key for signing
   -----BEGIN PGP SIGNED MESSAGE-----
   Hash: SHA512
   
   test
   gpg: signing failed: Operation cancelled
   gpg: [stdin]: clear-sign failed: Operation cancelled

2. Setting PERSISTENCE back to its original value has no effect - the same error message is outputted.

[diablodale]

I think this is something external to this project's script. Your first experiment in WSL1 not using theis project's script hints this. The "permission denied" errors in your WSL1 attempt are coming direct from gpg due to some unknown user/group/permission/process/etc issue. If basic GPG doesn't work, there is little chance this project's script will work.

I recommend focusing on getting basic gpg pinentry methods working. I do not recommend the loopback option as it is primarily focused on backwards compatibility and piping passwords via commandline. You should not need to enable that. Basic pinentry function should work without it.

Since you are experiencing GPG problems when not using this project's script (your first WSL1 try), this is not something I can provide support. I believe you are experiencing it. However, I don't have the bandwidth to help you resolve issues with GPG itself. I recommend you seek support for GPG on the internet to see if others can help you identify why GPG doesn't work for you in the simple case. You should be able to get it working in WSL1, using pinentry-curses and no other workarounds (e.g. loopback). When the fix is identified, then you can increase your complexity (WSL2, this project's script, etc.)

As reference, this setup works great on my computer using only GPG code. It exercises gpg, the agent, and the pinentry workflow. If this doesn't work, then you will need to explore the cause of the failure and resolve it.

1. WSL1 with Ubuntu 18.04. Get all updates/upgrades
2. GPG 2.2.4. When you run gpg --version, it should report gpg (GnuPG) 2.2.4 and libgcrypt 1.8.1
3. gpg keystore with keys, passwords on the keys, etc.
4. Verify the gpg-agent is working and has access to your keys with gpg-connect-agent 'keyinfo --list' /bye. You should see a list of keygrips for your gpg keys.
5. apt install pinentry-curses and you should have pinentry-curses/bionic,now 1.1.0-1
6. update the gpg-agent.conf file to have only a single line in it as below
7. wsl --shutdown
8. open terminal for WSL1 Ubuntu 18.04
9. echo "test" | gpg --clearsign
10. enter your key's password
11. This should successfully sign with no errors.

gpg-agent.conf file

pinentry-program /usr/bin/pinentry-curses

[EdricChan03]

I guess it could be one of many reasons why it did not work:

1. Something might've gone wrong with the way I migrated my current WSL2 setup to WSL1. These were the steps I took to migrate it (using a Command Prompt in administrator mode, as well as the steps as indicated in this StackOverflow answer):

   cd: C:\Users\edric\Desktop
   wsl --export Ubuntu ubuntu2.tar
   wsl --import UbuntuWSL1 .\UbuntuWSL1 ubuntu2.tar --version 1

2. Or I suppose that Ubuntu 20.04 isn't supported with WSL1?

3. Or something's wrong with my local setup? I've set up the GPG keys such that it uses a sub-key system, where the main keys are stored on a thumb drive and removed from the main system such that it cannot be easily compromised.

---

Anyways, I've tried creating a new setup with WSL1 and Ubuntu 18.04, installed from the Windows Store and done the following:

Expand to view full log

```none Installing, this may take a few minutes... Please create a default UNIX user account. The username does not need to match your Windows username. For more information visit: https://aka.ms/wslusers Enter new UNIX username: edricchan Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Installation successful! To run a command as administrator (user "root"), use "sudo ". See "man sudo_root" for details. edricchan@Edrics-PC:~$ gpg --version gpg (GnuPG) 2.2.4 libgcrypt 1.8.1 Copyright (C) 2017 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: /home/edricchan/.gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 edricchan@Edrics-PC:~$ gpg -K gpg: directory '/home/edricchan/.gnupg' created gpg: keybox '/home/edricchan/.gnupg/pubring.kbx' created gpg: /home/edricchan/.gnupg/trustdb.gpg: trustdb created edricchan@Edrics-PC:~$ gpg --list-keys edricchan@Edrics-PC:~$ gpg --gen-key gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Note: Use "gpg --full-generate-key" for a full featured key generation dialog. GnuPG needs to construct a user ID to identify your key. Real name: gpg: signal Interrupt caught ... exiting edricchan@Edrics-PC:~$ gpg --full-generate-key gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? 1 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (3072) 4096 Requested keysize is 4096 bits Please specify how long the key should be valid. 0 = key does not expire = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years Key is valid for? (0) 1w Key expires at Sat Oct 3 09:54:08 2020 +08 Is this correct? (y/N) y GnuPG needs to construct a user ID to identify your key. Real name: Edric Chan Email address: edric.chan.1997@gmail.com Comment: Test GPG key You selected this USER-ID: "Edric Chan (Test GPG key) " Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. efewfewfgpg: key marked as ultimately trusted gpg: directory '/home/edricchan/.gnupg/openpgp-revocs.d' created fwefwgpg: revocation certificate stored as '/home/edricchan/.gnupg/openpgp-revocs.d/.rev' public and secret key created and signed. pub rsa4096 2020-09-26 [SC] [expires: 2020-10-03] uid Edric Chan (Test GPG key) sub rsa4096 2020-09-26 [E] [expires: 2020-10-03] edricchan@Edrics-PC:~$ gpg-connect-agent 'keyinfo --list' /bye S KEYINFO D - - - P - - - S KEYINFO D - - - P - - - OK edricchan@Edrics-PC:~$ sudo apt install pinentry-curses [sudo] password for edricchan: Sorry, try again. [sudo] password for edricchan: Reading package lists... Done Building dependency tree Reading state information... Done pinentry-curses is already the newest version (1.1.0-1). pinentry-curses set to manually installed. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. edricchan@Edrics-PC:~$ nano ~/.gnupg/gpg-agent.conf edricchan@Edrics-PC:~$ gpgconf --kill gpg-agent edricchan@Edrics-PC:~$ echo "test" | gpg --clearsign -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 test gpg: signing failed: Inappropriate ioctl for device gpg: [stdin]: clear-sign failed: Inappropriate ioctl for device ```

I then shut down the WSL instance, re-opened Ubuntu 18.04 and then ran the following commands:

Expand to view full log

```none edricchan@Edrics-PC:~$ echo "test" | gpg --clearsign -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 test gpg: signing failed: Inappropriate ioctl for device gpg: [stdin]: clear-sign failed: Inappropriate ioctl for device edricchan@Edrics-PC:~$ export GPG_TTY=$(tty) edricchan@Edrics-PC:~$ echo "test" | gpg --clearsign -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 test -----BEGIN PGP SIGNATURE----- -----END PGP SIGNATURE----- ```

So I guess it would be something wrong with my current WSL2 setup.

[diablodale]

I installed a fresh WSL2 Ubuntu 20.04 LTS distribution today.

1. Microsoft Store, installed Ubuntu 20.04 LTS
2. Launched Ubuntu 20.04 and it reported Installing, this may take a few minutes and prompted me for my username/password.
3. exit the window
4. Open a cmd prompt and run wsl --set-version Ubuntu-20.04 2
5. Wait for conversion to complete
6. Verified Ubuntu 20.04 is WSL2 with wsl -l -v
7. Launched Ubuntu 20.04
8. sudo apt update then sudo apt upgrade then exit
9. In cmd prompt terminate the distro with wsl -t Ubuntu-20.04 then launch Ubuntu 20.04 again

I then followed your same commands (using my Ubuntu 20.04) that you listed in the first group after you write Anyways, I've tried creating a new setup with WSL1 and Ubuntu 18.04, installed from the Windows Store and done the following:

And I got the same error you got. Mine reported...

dale@dale-euro:~$ ls -l /usr/bin/pinentry-curses
-rwxr-xr-x 1 root root 68240 Mar 22  2020 /usr/bin/pinentry-curses
dale@dale-euro:~$ gpgconf --kill gpg-agent
dale@dale-euro:~$ ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0    892   572 ?        Sl   14:34   0:00 /init
root         6  0.0  0.0    892    80 ?        Ss   14:34   0:00 /init
root         7  0.0  0.0    892    80 ?        R    14:34   0:00 /init
dale         8  0.0  0.0  10168  5224 pts/0    Ss   14:34   0:00 -bash
dale       120  0.0  0.0  10612  3432 pts/0    R+   14:46   0:00 ps aux
dale@dale-euro:~$ echo "test" | gpg --clearsign
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

test
gpg: signing failed: Inappropriate ioctl for device
gpg: [stdin]: clear-sign failed: Inappropriate ioctl for device

This is a pure WSL, Ubuntu, GPG issue and has nothing to do with this project's script. I can reproduce your error, but it isn't this project that causes it. This is outside my project's code and I recommend you seek GPG assistance elsewhere to resolve it.

That written, I did try a few things because eventually I want to migrate to WSL2 on my primary machines.

1. Edited .bashrc and put at the top export GPG_TTY=$(tty) and saved
2. exit the distro
3. In cmd prompt terminated the distro
4. Launched Ubuntu 20.04
5. echo "test" | gpg --clearsign
6. It prompted me for my password and successfully clearsigned the message 👍

I know you also saw improvements defining that value. So I continued forward to see if now this project's script will work.

1. copied pinentry-wsl-ps1.sh from the repo to my home directory in Ubuntu 20.04
2. chmod ug=rx,o= pinentry-wsl-ps1.sh
3. exit the distro
4. In cmd prompt terminated the distro
5. Launched Ubuntu 20.04
6. echo "test" | gpg --clearsign
7. It prompted me with this project's GUI UI for my password and successfully clearsigned the message 👍

[EdricChan03]

This is a pure WSL, Ubuntu, GPG issue and has nothing to do with this project's script. I can reproduce your error, but it isn't this project that causes it. This is outside my project's code and I recommend you seek GPG assistance elsewhere to resolve it.

Sorry, but I didn't mention that I had then run export GPG_TTY=$(tty) which resolved the issue. (I had only run this once I restarted the instance.)

1. copied pinentry-wsl-ps1.sh from the repo to my home directory in Ubuntu 20.04
2. chmod ug=rx,o= pinentry-wsl-ps1.sh
3. exit the distro
4. In cmd prompt terminated the distro
5. Launched Ubuntu 20.04
6. echo "test" | gpg --clearsign
7. It prompted me with this project's GUI UI for my password and successfully clearsigned the message 👍

Yup, I can confirm that these steps work for me on my WSL1 Ubuntu 18.04 setup, where a GUI shows up:

I can also confirm that migrating the Ubuntu 18.04 setup to WSL2 also works (using the following steps):

1. Update the WSL instance to WSL2 with an administrator Command Prompt and ran the following command: wsl --set-version Ubuntu-18.04 2.

   C:\WINDOWS\system32>wsl --set-version Ubuntu-18.04 2
   Conversion in progress, this may take a few minutes...
   For information on key differences with WSL 2 please visit https://aka.ms/wsl2
   Conversion complete.                                                                                                     

2. Verified that the instance was updated with wsl --list --verbose:

   C:\WINDOWS\system32>wsl --list --verbose
     NAME            STATE           VERSION
   * Ubuntu          Running         2
     UbuntuWSL1      Stopped         1
     Ubuntu-18.04    Stopped         2                                                                                      

3. Next, I ran the "Ubuntu 18.04" app.
4. Then, I once again ran echo "test" | gpg --clearsign, where once again the password dialog successfully appeared.

---

So it seems it's most likely something to do with my current WSL2 setup.

[diablodale]

Good progress! Yes, export GPG_TTY=$(tty) is needed on every login.

I just finished completing a migration of my WSL1 Ubuntu 18.04 -> WSL2 Ubuntu 20.04. I only had to copy my customizations for .profile, .bashrc, /etc/fstab, and /etc/wsl.conf. I'm able to use GPG with the GUI UI and persistence. Thank you for inquiring on this issue, it pushed me to go ahead with WSL2.

I did notice two things I do in my setup on WSL1 and now with WSL2

• I have the following in my .profile. I put it there because that is also loaded by shells like sh

  export GPG_TTY=$(tty)
  gpgconf --launch gpg-agent
  gpgconf --launch dirmngr

• In my ~/.gnupg/gpg.conf I have the following. I think these are leftover from the early WSL1 time when I manually redirected the SSH sockets. Because I needed to do the link/directory work in the .profile/.bashrc before the agent was launched. So I did that and then manually launched the agent. That's why you see that agent launch above. Also, this guarantees that the GPG_TTY is set before the agent is launched. It is probably not needed anymore, but I am going to leave it because there is no need for me to change what it already working.

  use-agent
  no-autostart

Be sure to set your GPG_TTY in WSL2. And read https://dev.gnupg.org/T3716 and try their debug/log setup at the 19 April 2018 comment.

I'm going to close this issue as an "external" issue since you have 18.04 working in WSL1/2. And I'm able to do the same + Ubuntu 20.04 in WSL2. If you find an issue with this project's GUI or persistence script, please open a new issue so we can focus on that specific issue.

Cheers!

[EdricChan03]

Could this be a GPG version issue? It seems that the pre-installed version of GPG on Ubuntu 18.04 is stuck at 2.2.4:

Expand to view full log

```none edricchan@Edrics-PC:~$ gpg --version gpg (GnuPG) 2.2.4 libgcrypt 1.8.1 Copyright (C) 2017 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: /home/edricchan/.gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 ```

While GPG on Ubuntu 20.04 is currently tied to 2.2.19:

Expand to view full log

```none edricchan@Edrics-PC:~$ gpg --version gpg (GnuPG) 2.2.19 libgcrypt 1.8.5 Copyright (C) 2019 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: /home/edricchan/tmp/.gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 ```

---

I've also tried creating a new temporary GPG home directory using the following steps on my default WSL2 setup:

1. Created a new temporary directory with mkdir -p ~/temp/.gnupg.
2. Set the GNUPGHOME to the temporary directory with export GNUPGHOME=/home/<username>/temp/.gnupg.
3. Ran gpg -K.
4. Generated a new key with gpg --full-generate-key.
5. Created a gpg-agent.conf file with the following contents:

   pinentry-program /home/<username>/bin/pinentry-wsl-ps1.sh

6. Killed the gpg-agent with gpgconf --kill gpg-agent.
7. And ran echo "test" | gpg --clearsign, where the same "Operation cancelled" error is shown.

I've also tried to retrieve a fresh copy of the pinentry script and redid most of the steps but to no avail.

[diablodale]

A reminder that I can not provide support for GPG. I recommend you visit https://www.google.com/search?q=gpg+support+forum to find a group that can provide you assistance with your core GPG issues.