search

keybase / client

Keybase Go Library, Client, Service, OS X, iOS, Android, Electron
BSD 3-Clause "New" or "Revised" License
8.92k stars 1.23k forks source link

'keybase pgp select' hangs with TTY / subkey error messages #4576

Open rsrchboy opened 8 years ago

rsrchboy commented 8 years ago

Running under a plain shell (no tmux, no screen, etc), with gpg-agent running, the client hangs at this point:

$ keybase pgp select   
#    Algo    Key Id             Created   UserId
=    ====    ======             =======   ======
1    4096R   1535F82E8083A84A             Chris Weyl <cweyl@alumni.drew.edu>, Chris Weyl <rsrchboy@cpan.org>, Chris Weyl <chris.weyl@gmail.com>, Chris Weyl <chris@chrisweyl.com>, Chris Weyl <chris@whitepointstarllc.com>, Chris Weyl <chris.weyl@wps.io>, Chris Weyl <chris.weyl@wps.io>, Chris Weyl <cweyl@alumni.drew.edu>
Choose a key: 1
▶ WARNING error getting TTY for GPG: No Context provided for this call
▶ WARNING Bad subkey: openpgp: invalid data: subkey signature invalid: openpgp: invalid signature: RSA verification failure

After selecting 1, here's what the output of the above command but with --debug shows:

2016-10-09T11:08:44.145230 ▶ [DEBU keybase log.go:30] 07a time> SigChainLoader.Load: rsrchboy: 355.953µs
2016-10-09T11:08:44.145342 ▶ [DEBU keybase log.go:30] 07b time> LoadSigChains: rsrchboy: 366.085µs
2016-10-09T11:08:44.145446 ▶ [DEBU keybase log.go:30] 07c + Store user rsrchboy
2016-10-09T11:08:44.145535 ▶ [DEBU keybase log.go:30] 07d + SigHints.Store() for uid=7bbb66f4d7809628dbc414469bbdc819
2016-10-09T11:08:44.145629 ▶ [DEBU keybase log.go:30] 07e | SigHints.Store() skipped; wasn't dirty
2016-10-09T11:08:44.145901 ▶ [DEBU keybase log.go:30] 07f - SigHints.Store() for uid=7bbb66f4d7809628dbc414469bbdc819 -> ok
2016-10-09T11:08:44.146021 ▶ [DEBU keybase log.go:30] 080 - Store for rsrchboy skipped; user wasn't dirty
2016-10-09T11:08:44.146130 ▶ [DEBU keybase log.go:30] 081 + HasActiveKey
2016-10-09T11:08:44.146402 ▶ [DEBU keybase log.go:30] 082 | Checking user's ComputedKeyFamily
2016-10-09T11:08:44.146677 ▶ [DEBU keybase log.go:30] 083 - HasActiveKey -> true
2016-10-09T11:08:44.146801 ▶ [DEBU keybase log.go:30] 084 + IdentityTable::populate
2016-10-09T11:08:44.146922 ▶ [DEBU keybase log.go:30] 085 - IdentityTable::populate -> ok
2016-10-09T11:08:44.147044 ▶ [DEBU keybase log.go:30] 086 + VerifySelfSig for user rsrchboy
2016-10-09T11:08:44.147170 ▶ [DEBU keybase log.go:30] 087 | Found self-signature for rsrchboy @uid=7bbb66f4d7809628dbc414469bbdc819, seq=8, link=0a0f5b495877086457f40e6388f2eb0045e9e546a999e3824b8001594afc27f2
2016-10-09T11:08:44.147285 ▶ [DEBU keybase log.go:30] 088 - VerifySelfSig via SigChain
2016-10-09T11:08:44.147427 ▶ [DEBU keybase log.go:30] 089 time> LoadUser: {Contextified:{g:0xc420160a00} UID: Name: PublicKeyOptional:true NoCacheResult:false Self:true ForceReload:false AllKeys:false LoginContext:<nil> AbortIfSigchainUnchanged:false ResolveBody:<nil>}: 306.392428ms
2016-10-09T11:08:44.147549 ▶ [DEBU keybase log.go:30] 08a | configured GPG w/ path: /usr/bin/gpg2
2016-10-09T11:08:44.147671 ▶ [DEBU keybase log.go:30] 08b | running Gpg: /usr/bin/gpg2 --no-tty --with-colons --fingerprint -K
1
2016-10-09T11:08:47.132331 ▶ [DEBU keybase log.go:30] 08c SelectKey result: {KeyID:1535F82E8083A84A DoSecretPush:false}
2016-10-09T11:08:47.133994 ▶ [WARN keybase log.go:34] 08d error getting TTY for GPG: No Context provided for this call
2016-10-09T11:08:47.134267 ▶ [DEBU keybase log.go:30] 08e GPG version:
gpg (GnuPG) 2.0.22
libgcrypt 1.5.3
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ?, ?
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
2016-10-09T11:08:47.134494 ▶ [DEBU keybase log.go:30] 08f | running Gpg: /usr/bin/gpg2 --no-tty --armor --export-secret-key 9db3b4d1339271690d89a91c1535f82e8083a84a
2016-10-09T11:08:47.148880 ▶ [WARN keybase log.go:34] 090 Bad subkey: openpgp: invalid data: subkey signature invalid: openpgp: invalid signature: RSA verification failure
2016-10-09T11:08:47.149165 ▶ [DEBU keybase log.go:30] 091 GPG version:
gpg (GnuPG) 2.0.22
libgcrypt 1.5.3
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ?, ?
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
2016-10-09T11:08:47.149412 ▶ [DEBU keybase log.go:30] 092 | running Gpg: /usr/bin/gpg2 --no-tty --armor --export 9db3b4d1339271690d89a91c1535f82e8083a84a
2016-10-09T11:08:47.161597 ▶ [DEBU keybase log.go:30] 093 SecretUI:GetPassphrase, sessionID = 0

...and there we stay, until I abort it.

Additionally, --gpg-options doesn't actually appear to impact the options given to gpg2 (AFAICT, at any rate).

Am I futzing something here?

maxtaco commented 8 years ago

This is likely a pinentry problem, with this being a culprit:

08d error getting TTY for GPG: No Context provided for this call

This code is somewhat new, so I can investigate a bit today..

Thank you!

maxtaco commented 8 years ago

Cc: @patrickxb, seems like using NetContext doesn't always work since it's not plumbed through all the way through the various code paths.

BurntSushi commented 6 years ago

I'm getting this same error when I run keybase signup and it asks if I want to use one of my PGP keys. This is the first command I ran after installing keybase:

$ keybase signup
Your email address: foo@bar.com
Your desired username: username
A public name for this device [home computer]: computername
Would you like to add one of your PGP keys to Keybase? [Y/n] y
#    Algo    Key Id             Created   UserId
=    ====    ======             =======   ======
1    xxxxx   xxxxxxxxxxxxxxxx             xxxxxxxxxxxxxxxxxxxxxxxx
2    xxxxx   xxxxxxxxxxxxxxxx             xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
3    xxxxx   xxxxxxxxxxxxxxxx             xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
4    xxxxx   xxxxxxxxxxxxxxxx             xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Choose a key: 4
▶ WARNING error getting TTY for GPG: No Context provided for this call
▶ ERROR addGPG error: ImportKey (secret: true) error: GPG error: exit status 2

I'm running Archlinux. And:

$ keybase version
Client:  1.0.41
Service: 1.0.41

Also, my gpg agent is running and my pin entry works when running standard gpg commands. e.g., gpg -d something.gpg prompts me for my pin.

BurntSushi commented 6 years ago

It looks like the signup command did actually create my account, but did indeed fail to associate my gpg key. Running keybase pgp select yielded the same ▶ ERROR ImportKey (secret: true) error: GPG error: exit status 2. However, running keybase pgp select --no-import did actually work. I don't understand why.