keybase / client

Keybase Go Library, Client, Service, OS X, iOS, Android, Electron
BSD 3-Clause "New" or "Revised" License
8.92k stars 1.23k forks source link

`keybase pgp import` hangs #18616

Open jgoguen opened 5 years ago

jgoguen commented 5 years ago

Running Fedora 30 x86_64, Keybase doesn't seem able to import a private key. I've tried both of the following with the same result:

On the CLI, it looks like it's just hung up. The logs show a much different story, there it looks like keybase is asking for pinentry to ask for my passphrase. When I export my secret key gpg invokes /usr/bin/pinentry and that works fine. My full log ID is 4ff29fbaafc00c59ce6d621c, but this snippet from Keybase.app.log shows invoking pinentry. Nothing ever pops up though.

["Info","2019-07-27T14:39:38.750Z","Asked for password"]
["Action","2019-07-27T14:35:56.832Z","type: engine-gen:keybase1SecretUiGetPassphrase:  {\"type\":\"engine-gen:keybase1SecretUiGetPassphrase\"}"]
["Action","2019-07-27T14:35:56.832Z","type: pinentry:newPinentry:  {\"type\":\"pinentry:newPinentry\"}"]
["Action","2019-07-27T14:35:56.833Z","type: pinentry:replaceEntity:  {\"type\":\"pinentry:replaceEntity\"}"]
["Action","2019-07-27T14:39:38.750Z","type: engine-gen:keybase1SecretUiGetPassphrase:  {\"type\":\"engine-gen:keybase1SecretUiGetPassphrase\"}"]
["Action","2019-07-27T14:39:38.751Z","type: pinentry:newPinentry:  {\"type\":\"pinentry:newPinentry\"}"]
["Action","2019-07-27T14:39:38.751Z","type: pinentry:replaceEntity:  {\"type\":\"pinentry:replaceEntity\"}"]

I'm not sure if it's somehow related, but if I try to upload my secret key using the web interface it complains the private and public keys don't match, even if I use the key ID reported by keybase to export the key. I made a quick check with a new GPGHOME and gpg happily imports them and sees them as the same keypair.

aspett commented 5 years ago

Similar issue Ubuntu 19.04, keybase version 4.1.0-20190612201656+952fee6c59

Log shows

["Info","2019-07-31T23:56:06.025Z","Asked for password"]

But was not prompted

maxtaco commented 5 years ago

And you're sure there's not a pinentry window hidden somewhere on your desktop?

jgoguen commented 5 years ago

I've moved and minimized windows and saw none. I was able to manually trigger pinentry from the CLI and from using gpg and have it show up fine. I even forced it to use pinentry-curses; manually it works, with gpg it works, with keybase it doesn't.

maxtaco commented 5 years ago

maybe @heronhaye has an idea, it works for me on macOS, might be a linux/terminal type thing. thanks

maxtaco commented 5 years ago

Oh wait, you guys know that keybase pgp import reads from standard input, right?

heronhaye commented 5 years ago

@jgoguen, @aspett, I tried gpg --export-secret-keys ... | keybase pgp import --push-secret on Keybase 4.0.1, Arch Linux, i3wm and I did get a pinentry window in the same tag my Keybase GUI was on. What wm/de are you using? If you're using a tiling wm, it shows up as a floating window.

jgoguen commented 5 years ago

I installed Keybase again on a new computer and now when I run gpg --export-secret-keys $keyid | keybase pgp import --push-secret it gives me the pinentry window for gpg as usual. What's new this time is I get a Keybase window, not a pinentry window, asking for first my PGP passphrase and then my Keybase passphrase. That fails though, complaining it's not a base64 private key it understands. Same if I export in ASCII format. And if I export the key to a file and use --infile it's the same for both. I'm not sure what's going on there, it's a standard RSA 4096-bit key and I thought exporting in ASCII-armoured format was the Base64 format.

Once I get home I can also try on the original laptop and see if Keybase there is now showing its own password window.

dimiboi commented 5 years ago

I am experiencing the same issue on macOS Mojave 10.14.6 with GPG Suite 2018.5.

pauby commented 3 years ago

I experienced this issue on Windows just now (latest version of Keybase). The Keybase app was running in the background.

After a lot of trial and error, I closed the Keybase app, ran the command again (keybase pgp import --push-secret --infile secret-keys.gpg) and the password prompt appeared in the terminal I was running the cli from.