diablodale / pinentry-wsl-ps1

GUI for GPG within Windows WSL for passwords, pinentry, etc.
Mozilla Public License 2.0

Credential Manager not storing credentials #8

Closed lesmo closed 3 years ago

lesmo commented 3 years ago

I know this repo is kinda old, but... well, you never know:

Description

After proper setup, when using GPG a prompt for the passphrase is shown. However, the password is never stored in Windows Credential Manager when PERSISTENCE is set to LocalMachine:


Setup

Steps to reproduce

  1. Open a terminal in WSL2
  2. Run echo "test" | gpg --clearsign and enter credentials
  3. Open a terminal for Windows Command prompt
  4. Run wsl --shutdown to shut down WSL
  5. Open a terminal in WSL2 and repeat steps 1 and 2

This issue is not presented after the first startup of WSL and/or the agent.

Actual Result

Expected Result

Workarounds

GPG-agent log file

2021-08-14 21:06:33 gpg-agent[2082] listening on socket '/home/lesmo/.gnupg/S.gpg-agent'
2021-08-14 21:06:33 gpg-agent[2082] listening on socket '/home/lesmo/.gnupg/S.gpg-agent.extra'
2021-08-14 21:06:33 gpg-agent[2082] listening on socket '/home/lesmo/.gnupg/S.gpg-agent.browser'
2021-08-14 21:06:33 gpg-agent[2082] listening on socket '/home/lesmo/.gnupg/S.gpg-agent.ssh'
2021-08-14 21:06:33 gpg-agent[2083] gpg-agent (GnuPG) 2.2.19 started
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK Pleased to meet you, process 2080
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- RESET
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- OPTION ttyname=/dev/pts/0
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- OPTION ttytype=xterm-256color
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- OPTION lc-ctype=C.UTF-8
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- OPTION lc-messages=C.UTF-8
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- GETINFO version
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> D 2.2.19
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- OPTION allow-pinentry-notify
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- OPTION agent-awareness=2.1.0
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- SCD SERIALNO
2021-08-14 21:06:33 gpg-agent[2083] no running SCdaemon - starting it
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- ERR 67109133 can't exec `/usr/lib/gnupg/scdaemon': No such file or directory
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> BYE
2021-08-14 21:06:33 gpg-agent[2083] can't connect to the SCdaemon: IPC connect call failed
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> ERR 67108983 No SmartCard daemon <GPG Agent>
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- HAVEKEY F97938B721362967D00EDADAF39A4C6FF78009B7 1E6705AACF36B2C25CF48379E6F982D595472DCB
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- KEYINFO F97938B721362967D00EDADAF39A4C6FF78009B7
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> S KEYINFO F97938B721362967D00EDADAF39A4C6FF78009B7 D - - - P - - -
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- RESET
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- SIGKEY F97938B721362967D00EDADAF39A4C6FF78009B7
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- SETKEYDESC Please+enter+the+passphrase+to+unlock+the+OpenPGP+secret+key:%0A%22Sinuhé+Coronel+(@lesmocasanova)+<lesmo@lesmo.com.mx>%22%0A4096-bit+RSA+key,+ID+1F153B9BC0AC2884,%0Acreated+2020-06-05.%0A
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- SETHASH 10 1C593A2140452A14C08EAB8054C0EA764B9707A42AF5D0CA40B35E0CC8CD708DB99716E24F7CE5A9DA2184903AEB4545D28BB418FE450E1175102DA14CFCD605
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- PKSIGN
2021-08-14 21:06:33 gpg-agent[2083] starting a new PIN Entry
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK Your orders please
2021-08-14 21:06:33 gpg-agent[2083] DBG: connection to PIN entry established
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION no-grab
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION ttyname=/dev/pts/0
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION ttytype=xterm-256color
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION lc-ctype=C.UTF-8
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION lc-messages=C.UTF-8
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION allow-external-password-cache
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION default-ok=_OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION default-cancel=_Cancel
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION default-yes=_Yes
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION default-no=_No
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION default-prompt=PIN:
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION default-pwmngr=_Save in password manager
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION default-cf-visi=Do you really want to make your passphrase visible on the screen?
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION default-tt-visi=Make passphrase visible
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION default-tt-hide=Hide passphrase
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION touch-file=/home/lesmo/.gnupg/S.gpg-agent
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION owner=2080 RAZER-LESMO
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> GETINFO flavor
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- ERR 83886355 unknown command
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> GETINFO version
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- D 0.2.1
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> GETINFO ttyinfo
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- ERR 83886355 unknown command
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> GETINFO pid
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- D 2086
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 -> INQUIRE PINENTRY_LAUNCHED 2086 unknown 0.2.1 ? ? ?
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_10 <- END
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> SETKEYINFO n/F97938B721362967D00EDADAF39A4C6FF78009B7
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> SETDESC Please enter the passphrase to unlock the OpenPGP secret key:%0A%22Sinuhé Coronel (@lesmocasanova) <lesmo@lesmo.com.mx>%22%0A4096-bit RSA key, ID 1F153B9BC0AC2884,%0Acreated 2020-06-05.%0A
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> SETPROMPT Passphrase:
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> [[Confidential data not shown]]
2021-08-14 21:06:57 gpg-agent[2083] DBG: chan_11 <- [[Confidential data not shown]]
2021-08-14 21:06:57 gpg-agent[2083] DBG: chan_11 <- [[Confidential data not shown]]
2021-08-14 21:06:59 gpg-agent[2083] DBG: chan_11 -> BYE
2021-08-14 21:07:04 gpg-agent[2083] DBG: chan_10 -> [ 44 20 28 37 3a 73 69 67 2d 76 61 6c 28 33 3a 72 ...(529 byte(s) skipped) ]
2021-08-14 21:07:04 gpg-agent[2083] DBG: chan_10 -> OK
2021-08-14 21:07:04 gpg-agent[2083] DBG: chan_10 <- [eof]
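
Added example, not part of the issue or of the project's code: a Python triage of the agent-to-pinentry exchange in a log like the one above. It reports whether gpg-agent sent OPTION allow-external-password-cache and SETKEYINFO (the two signals the pinentry protocol uses to permit an external password store), which commands the pinentry rejected, and how long the hidden request took. The sample lines are constructed, the keygrip is a placeholder, and the function name and the wait-time heuristic are this example's own assumptions.

```python
import re
from datetime import datetime
# Constructed sample shaped like the gpg-agent debug log above (keygrip is a placeholder).
SAMPLE_LOG = """\
2021-08-14 21:06:33 gpg-agent[2083] starting a new PIN Entry
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> OPTION allow-external-password-cache
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> GETINFO flavor
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- ERR 83886355 unknown command
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> SETKEYINFO n/0123456789ABCDEF0123456789ABCDEF01234567
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 <- OK
2021-08-14 21:06:33 gpg-agent[2083] DBG: chan_11 -> [[Confidential data not shown]]
2021-08-14 21:06:57 gpg-agent[2083] DBG: chan_11 <- [[Confidential data not shown]]
2021-08-14 21:06:59 gpg-agent[2083] DBG: chan_11 -> BYE
"""

LINE = re.compile(r"^(\S+ \S+) gpg-agent\[\d+\] DBG: (chan_\d+) (->|<-) (.*)$")
HIDDEN = "[[Confidential data not shown]]"
# Summarise the exchange that follows each 'starting a new PIN Entry' marker.
def triage_pinentry(log):
    out = {"cache_offered": False, "keyinfo": None, "rejected": [], "prompt_wait_s": None}
    active, chan, last_cmd, asked_at = False, None, "", None
    for raw in log.splitlines():
        if raw.endswith("starting a new PIN Entry"):
            active, chan = True, None        # channel numbers are reused, so re-learn it
            continue
        m = LINE.match(raw)
        if not (active and m):
            continue
        stamp, ch, arrow, text = m.groups()
        chan = chan or ch                    # first DBG line after the marker is the pinentry
        if ch != chan:
            continue
        when = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
        if arrow == "->":                    # on this channel, -> is agent to pinentry
            last_cmd = text
            if text == HIDDEN:
                asked_at = when
            elif text == "BYE":
                active = False
        elif text.startswith("ERR"):         # pinentry refused the last command
            out["rejected"].append(last_cmd)
        elif text.startswith("OK"):
            out["cache_offered"] |= last_cmd == "OPTION allow-external-password-cache"
            if last_cmd.startswith("SETKEYINFO "):
                out["keyinfo"] = last_cmd.split(" ", 1)[1]
        elif text == HIDDEN and asked_at and out["prompt_wait_s"] is None:
            out["prompt_wait_s"] = (when - asked_at).total_seconds()  # heuristic: long wait = dialog shown
    return out
```

Run against the log posted above, it reports the cache option accepted, a keyinfo set, and a 24-second wait on the hidden request.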

diablodale commented 3 years ago

Hi. I use this every day while I am coding and using git. It is active for me 😉

I noticed a difference from my setup.

I am thinking also... there may be a related concern involved. I think when a person uses a Windows 10 "Microsoft account" that account is considered a synchronized Enterprise account. Similar to a centralized Enterprise account that an employee would have at a large corporation. These types of accounts are not local computer accounts. Therefore, I suspect that Windows Credential Manager won't cache passwords if LocalMachine is used at the same time a person is logged into an Enterprise account. Does this match your experience? And if you change PERSISTENCE to Enterprise does it work?

lesmo commented 3 years ago

Hi there! Thanks a lot for your quick reply, didn't think I'd get a response. I really appreciate it.

lesmo commented 3 years ago

Hey! We're in business!

It seems that CredentialManager needs to be 2.0 to work on the most recent Windows 10. LocalMachine persistence does seem to work fine:

Thanks a lot man! I'll close this issue now.

kennu commented 1 year ago

Just to leave a note here, nice to see this is working for me in 2023 with Windows 11, WSL2, CredentialManager 2.0 installed, using PERSISTENCE="Session".