ERROR ImportKey error: GPG error: exit status 2

[aleininger]

prompt ~ $ keybase login

prompt ~ $ keybase pgp select

\# Algo Key Id Created UserId

\= ==== ====== ======= ======

1 4096R CFB251E356B27251 my e-mail addresses associated with the key

Choose a key: 1

▶ ERROR ImportKey error: GPG error: exit status 2

Anyone got any idea what is going wrong here?

I have the most recent version of keybase.

arndt@arndt-ThinkPad-X1-Carbon ~ $ keybase version

Client: 1.0.14-1

Service: 1.0.14-1

I am running Linux Mint 17.3. and am using PGP successfully with Enigmail and Thunderbird.

[maxtaco]

Please post the same thing with -d so we can help debug.

[aleininger]

Algo Key Id Created UserId

= ==== ====== ======= ====== 1 4096R CFB251E356B27251 my-email addresses Choose a key: 1 2016-03-16T14:39:37.482909 ▶ [DEBU keybase log.go:30] 090 SelectKey result: {KeyID:CFB251E356B27251 DoSecretPush:false} 2016-03-16T14:39:37.486536 ▶ [DEBU keybase log.go:30] 091 GPG version: gpg (GnuPG) 2.1.6 libgcrypt 1.6.3 Copyright (C) 2015 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 2016-03-16T14:39:37.487033 ▶ [DEBU keybase log.go:30] 092 | running Gpg: /usr/local/bin/gpg2 [--no-tty --armor --export-secret-key 204db90fbe454a6a23aa308dcfb251e356b27251] 2016-03-16T14:39:37.491743 ▶ [DEBU keybase log.go:30] 093 gpg: key 56B27251: error receiving key from agent: No pinentry - skipped 2016-03-16T14:39:37.492404 ▶ [DEBU keybase log.go:30] 094 gpg: key 56B27251/B68783BA: error receiving key from agent: No pinentry - skipped 2016-03-16T14:39:37.492908 ▶ [DEBU keybase log.go:30] 095 gpg: WARNING: nothing exported 2016-03-16T14:39:37.493421 ▶ [DEBU keybase log.go:30] 096 - RunEngine(GPGImportKeyEngine) -> ERROR: ImportKey error: GPG error: exit status 2 2016-03-16T14:39:37.593284 ▶ [DEBU keybase globals.go:257] 097 Calling shutdown first time through 2016-03-16T14:39:37.593395 ▶ [DEBU keybase login_state.go:944] 098 + Account "LoginState - Shutdown" 2016-03-16T14:39:37.593470 ▶ [DEBU keybase login_state.go:946] 099 - Account "LoginState - Shutdown" 2016-03-16T14:39:37.593505 ▶ [DEBU keybase globals.go:300] 09a exiting shutdown code=0; err= 2016-03-16T14:39:37.593540 ▶ [ERRO keybase standard.go:225] 09b ImportKey error: GPG error: exit status 2

Is that sufficient or do you want the output (it's a lot) from before the prompt for choosing a key, too? Thanks for your help!

[maxtaco]

Looks like you're having pinentry problems. GPG 2.1 has different policies on key export and requires a pinentry prompt for it. @oconnor663 what's the workaround here?

[oconnor663]

It's possible that you could force your GPG agent to load this key as a workaround, with something like:

gpg --sign --output /dev/null /dev/null

But I don't know what's causing error receiving key from agent: No pinentry - skipped. That doesn't sound like a 2.1-specific problem. What do you see from which pinentry?

[oconnor663]

Just for good measure, could you run keybase log send and give us the ID it generates?

Edit: Filed https://keybase.atlassian.net/browse/CORE-2815 internally.

[aleininger]

arndt@arndt-ThinkPad-X1-Carbon ~ $ which pinentry

/usr/bin/pinentry

Log ID: ed25fae098af4709de01411c

Thanks for your help, guys.

[predmijat]

Same error on keybase pgp select.

> which pinentry
/usr/local/bin/pinentry
> keybase version
Client:  1.0.15
Service: 1.0.15
> gpg --version
gpg (GnuPG) 2.1.12
libgcrypt 1.7.0
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

[dylancarlson]

Experiencing same issue.

[user:~]$ which pinentry
/usr/bin/pinentry
[user:~]$ keybase version
Client:  1.0.15
Service: 1.0.15
[user:~]$ gpg --version
gpg (GnuPG) 2.1.11
libgcrypt 1.6.4
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

[maxtaco]

Thanks everyone. It seems like the common denominator here is GPG 2.1. We'll take a look.

[nyanloutre]

Same error when I try keybase pgp pull

[maxtaco]

@nyanloutre are you on GPG 2.1+?

[nyanloutre]

Yes. However deleting the folder .gnupg solved the problem

[FXuZ]

I have the same issue with GngPG 2.1.12 and keybase 1.0.15 on gentoo.

gpg (GnuPG) 2.1.12
libgcrypt 1.7.0
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
2016-05-31T11:41:27.616441 ▶ [DEBU keybase log.go:30] 079 | running Gpg: /usr/bin/gpg2 [--no-tty --armor --export-secret-key 418cd2fe9f2dfbea9078c96d879feeb6d5406165]
2016-05-31T11:41:27.650666 ▶ [DEBU keybase log.go:30] 07a gpg: key 6606FA8B294B00AE6CC2A4D06F48DDE35F61D29A: error receiving key from agent: Inappropriate ioctl for device - skipped
2016-05-31T11:41:28.655833 ▶ [DEBU keybase log.go:30] 07b gpg: key 7CCB73E79D9C868D95953C53DF190D45754A4615: error receiving key from agent: Inappropriate ioctl for device - skipped
2016-05-31T11:41:28.656245 ▶ [DEBU keybase log.go:30] 07c gpg: WARNING: nothing exported
2016-05-31T11:41:28.656656 ▶ [DEBU keybase log.go:30] 07d - RunEngine(GPGImportKeyEngine) -> ERROR: ImportKey error: GPG error: exit status 2
2016-05-31T11:41:28.757111 ▶ [DEBU keybase globals.go:266] 07e Calling shutdown first time through
2016-05-31T11:41:28.757212 ▶ [DEBU keybase login_state.go:953] 07f + Account "LoginState - Shutdown"
2016-05-31T11:41:28.757292 ▶ [DEBU keybase login_state.go:955] 080 - Account "LoginState - Shutdown"
2016-05-31T11:41:28.757344 ▶ [DEBU keybase globals.go:312] 081 exiting shutdown code=0; err=<nil>
2016-05-31T11:41:28.757393 ▶ [ERRO keybase standard.go:197] 082 ImportKey error: GPG error: exit status 2

I tried with /usr/bin/gpg2 --no-tty --armor --export-secret-key 18cd2fe9f2dfbea9078c96d879feeb6d5406165, which was issued right before the first error, it turned out to ask for my passphrase to this key but the keybase pgp select didn't ask at all.

[stellarhopper]

I was having similar issues with: $ gpg2 --version gpg (GnuPG) 2.1.13 libgcrypt 1.6.5

Using keybase with --gpg /usr/bin/gpg to force it to use 'gpg' instead of 'gpg2' works around the problem till an actual fix appears.

[garyemiller]

Same problem here:

gem@kong ~ $ gpg2 --version gpg (GnuPG) 2.1.14 libgcrypt 1.7.2

The work around not working for me:

gem@kong ~ $ keybase --gpg /usr/bin/gpg pgp select 36a0a3128cad00402e14293c0d0ed94941d179d8

Algo Key Id Created UserId

= ==== ====== ======= ====== 1 2048R 0D0ED94941D179D8 Gary E. Miller gem@rellim.com Choose a key: 1 ▶ ERROR ImportKey error: GPG error: exit status 2

[stellarhopper]

Is your gpg binary in /usr/bin ?

On Fri, Aug 12, 2016, 19:57 Gary E. Miller notifications@github.com wrote:

Same problem here:

gem@kong ~ $ gpg2 --version gpg (GnuPG) 2.1.14 libgcrypt 1.7.2

The work around not working for me:

gem@kong ~ $ keybase --gpg /usr/bin/gpg pgp select 36a0a3128cad00402e14293c0d0ed94941d179d8 Algo Key Id Created UserId

= ==== ====== ======= ====== 1 2048R 0D0ED94941D179D8 Gary E. Miller gem@rellim.com Choose a key: 1 ▶ ERROR ImportKey error: GPG error: exit status 2

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/keybase/keybase-issues/issues/2132#issuecomment-239595481, or mute the thread https://github.com/notifications/unsubscribe-auth/ABBRFw6JCaHJtSyiBw9z38dqRh_JS8vQks5qfSSXgaJpZM4HxxLc .

[ghost]

my log ID: 09b321c922fac11303bb921c

# yautweh at atoll in ~ [13:37:26]
$ which pinentry
/usr/bin/pinentry

# yautweh at atoll in ~ [13:37:59]
$ keybase version
Client:  1.0.17-20160812160036+d206db9
Service: 1.0.17-20160812160036+d206db9

# yautweh at atoll in ~ [13:38:08]
$ gpg2 --version
gpg (GnuPG) 2.1.11
libgcrypt 1.6.5
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed

[I had the same outcome as @FXuZ: running gpg2 --no-tty --armor --export-secret-key 838c6d6c91d0aa8e09e621a1c3e294dcc05b414c worked, as pinentry (curses) prompted for the passphrase.

[garyemiller]

Is your gpg binary in /usr/bin ?

On gentoo /usr/bin/gpg is a soft link to /usr/bin/gpg2

[garyemiller]

gpg --sign --output /dev/null /dev/null

That worked so I could do a: keybase device add

But it did throw an error:

▶ ERROR {-} Error in transport: operation timed out ✔ Success! You added a new device named dagwood to your ac

Clearly this is Alpha software...

[oconnor663]

@garyemiller what version are you running? I think that operation timed out error was fixed at some point.

[garyemiller]

@garyemiller what version are you running? I think that operation timed out error was fixed at some point.

The latest Gentoo unstable ebuild, does it. I also found a private ebuild, same issue: :https://bugs.gentoo.org/show_bug.cgi?id=587604

gem@kong ~ $ keybase status ▶ INFO Forking background server with pid=12892 Username: gemiller Logged in: yes

Device: name: kong ID: 53d4fbfd8f47e6071d8991ab1ff39d18 status: active

Session: no session is valid: yes keys: locked

Key status: stream: not cached secret: not stored dev sig: not cached dev enc: not cached paper sig: not cached paper enc: not cached prompt: show tsec: not cached

KBFS: status: not running version: 1.0.2 log: /home/gem/.cache/keybase/keybase.kbfs.log

Service: status: running version: 1.0.16 log: /home/gem/.cache/keybase/keybase.service.log

Updater: log: /home/gem/.cache/keybase/keybase.updater.log

Platform Information: OS: linux Runtime: go1.6.3 Arch: amd64

Client: version: 1.0.16

Desktop app: status: not running version:
log: /home/gem/.cache/keybase/Keybase.app.log

Config path: /home/gem/.config/keybase/config.json Default user: gemiller Other users:

command-line client: keybase status [pid: 12885, version: 1.0.16]

[oconnor663]

1.0.16 is several months old I think, though I don't know enough about Gentoo to tell whether it's building directly from the v1.0.16 tag or some other commit.

[starkythefox]

@oconnor663 I just went to the ebuild page for Gentoo and, as far as I understand, it grabs the file in the version tag. Also, it seems they updated the ebuild to 1.0.17.

Here's the ebuild source. https://gitweb.gentoo.org/repo/gentoo.git/tree/app-crypt/keybase/keybase-1.0.17.ebuild. On line 13:

SRC_URI="https://github.com/keybase/client/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz"

[garyemiller]

Yes, Gentoo updated to 1.0.17 yesterday. I have updated and will be testing.

Gentoo bug # 591336, https://bugs.gentoo.org/show_bug.cgi?id=591336

[a11enh]

Solved my problem using an earlier posted link for trustdb issues. I had old keys (md5) as ultimately trusted I believe. Anyways- @seefood solved my problem with this link: http://stuff-things.net/2015/04/22/gpg-public-key-of-ultimately-trusted-key-00000000-not-found/

Having similar problems with both the brew/cask install of 1.0.17 and the app for osx installed via DMG today. [I should note that I haven't been able to login to keybase ever yet- so I think it may be a problem with my gpg key-ring.] I'm using a hardware key (yubikey) as well as have some old md5 keys in the keychain right now. [Yes, from back when pgp2i was around- LOL.] exhibits itself as: "ERROR GPG error: exit status 2"

[thewoolleyman]

Just an FYI, it seems that on OSX homebrew, gpg-zip no longer works. It fails with the error:

gpg-agent[51336]: command get_passphrase failed: Inappropriate ioctl for device

Our workaround was to decrypt the file with gpg --decrypt -o file.tar file.gpg and then manually untar it.

[berezovskyi]

Same issue, log id a2e7b1b2c1a4de48757f5d1c.

[maxtaco]

I see these warnings:

5968 2017-05-26T14:22:09.889184+02:00 ▶ [DEBU keybase gpg_cli.go:353] 1742 | running Gpg: /usr/local/bin/gpg2 --no-tty --armor --export-secret-key e34d37054bde56ceefe4153fa9614302812f56a7
5969 2017-05-26T14:22:09.889270+02:00 ▶ [DEBU keybase gpg_cli.go:360] 1743 | setting GPG_TTY=/dev/ttys000
5970 2017-05-26T14:22:09.922519+02:00 ▶ [DEBU keybase gpg_cli.go:332] 1744 gpg: key 33DFA797C78A8B00865435A85159D5B14B914EE0: error receiving key from agent: End of file - "ubersprungen
5971 2017-05-26T14:22:09.930570+02:00 ▶ [DEBU keybase gpg_cli.go:332] 1745 gpg: key 0D4FC7C4E75139D1FD08B6FC04B63F3B8DF37423: error receiving key from agent: End of file - "ubersprungen
5972 2017-05-26T14:22:09.930672+02:00 ▶ [DEBU keybase gpg_cli.go:332] 1746 gpg: VARNING: ingenting exporterat
5973 2017-05-26T14:22:09.933214+02:00 ▶ [DEBU keybase engine.go:67] 1747 - RunEngine(GPGImportKeyEngine) -> ERROR: ImportKey error: GPG error: exit status 2

@berezovskyi try keybase pgp select --no-import instead, it might work.

[berezovskyi]

I had to install gpg1 and because --gpg flag is ignored by keybase, I had to move the gpg2 symlink to gpg2.1 and only then I was able to import the key (after exporting private keys from gpg2.1 into gpg1 keyring).

[maxtaco]

It's not ignored, it's just confusing and maybe buggy since it only applies to the short-lived client but the long-running service is doing the work.

It should always work correctly to do this:

keybase config set gpg.command /path/to/your/gpg

Sorry for any confusion

[BenjaminHCCarr]

CANCEL THIS... it's not respecting: keybase config set gpg.command /usr/local/bin/gpg1

---

ls -l /usr/local/bin/gpg1
lrwxr-xr-x  1 benc  admin  35 Jul 17 13:53 /usr/local/bin/gpg1 -> ../Cellar/gnupg@1.4/1.4.21/bin/gpg1

Version

Mine are current but not working:

gpg1 --version
gpg (GnuPG) 1.4.21
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

gpg2 --version
gpg (GnuPG) 2.1.21
libgcrypt 1.7.8
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /Users/benc/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

keybase --version
keybase version 1.0.24-20170619144856+91a6943

---

The solution after much head banging, issue reading, and search for me was to use this: benc$ keybase config set gpg.command 'which gpg1' (you need backticks.... but markdown won't escape) As you need gpg v1 and v2 seems to always fail... on OSX gpg is symlinked against gpg2

And THEN run: keybase pgp select

[BenjaminHCCarr]

Thought it might be the symlink: keybase config set gpg.command /usr/local/Cellar/gnupg@1.4/1.4.21/bin/gpg1 Confirm:

keybase config get gpg.command
"/usr/local/Cellar/gnupg@1.4/1.4.21/bin/gpg1"

Run select:

time keybase -d pgp select
<snip>
2017-07-17T14:14:47.283168-04:00 ▶ [DEBU keybase log.go:30] 08e | configured GPG w/ path: /usr/local/Cellar/gnupg@1.4/1.4.21/bin/gpg1
2017-07-17T14:14:47.283327-04:00 ▶ [DEBU keybase log.go:30] 08f | running Gpg: /usr/local/Cellar/gnupg@1.4/1.4.21/bin/gpg1 --no-tty --with-colons --fingerprint -K
2017-07-17T14:14:47.283500-04:00 ▶ [DEBU keybase log.go:30] 090 | no tty provided, GPG_TTY will not be changed
#    Algo    Key Id             Created   UserId
=    ====    ======             =======   ======
1    4096R   86DD7EEFD9E16602             Ben Carr <bencarr@bu.edu>, Ben Carr <benc@litech.org>, Ben Carr <bcarr@whoi.edu>, Ben Carr <bencarr@gmail.com>
Choose a key: 1
2017-07-17T14:14:49.032845-04:00 ▶ [DEBU keybase log.go:30] 091 SelectKey result: {KeyID:86DD7EEFD9E16602 DoSecretPush:false}
2017-07-17T14:14:49.033148-04:00 ▶ [DEBU keybase log.go:30] 092 GPG version:
gpg (GnuPG) 2.1.21
libgcrypt 1.7.8
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /Users/benc/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
2017-07-17T14:14:49.037605-04:00 ▶ [DEBU keybase log.go:30] 093 | running Gpg: /usr/local/Cellar/gnupg@1.4/1.4.21/bin/gpg1 --no-tty --armor --export-secret-key a23e3597ff1061186a88669486dd7eefd9e16602
2017-07-17T14:14:49.038211-04:00 ▶ [DEBU keybase log.go:30] 094 | setting GPG_TTY=/dev/ttys007
2017-07-17T14:14:49.061672-04:00 ▶ [DEBU keybase log.go:30] 095 GPG version:
gpg (GnuPG) 2.1.21
libgcrypt 1.7.8
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /Users/benc/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
2017-07-17T14:14:49.067545-04:00 ▶ [DEBU keybase log.go:30] 096 | running Gpg: /usr/local/Cellar/gnupg@1.4/1.4.21/bin/gpg1 --no-tty --armor --export a23e3597ff1061186a88669486dd7eefd9e16602
2017-07-17T14:14:49.070405-04:00 ▶ [DEBU keybase log.go:30] 097 | setting GPG_TTY=/dev/ttys007
2017-07-17T14:14:49.088939-04:00 ▶ [DEBU keybase log.go:30] 098 SecretUI:GetPassphrase, sessionID = 0
^C2017-07-17T14:15:01.552893-04:00 ▶ [DEBU keybase main.go:311] 099 trapped signal interrupt
2017-07-17T14:15:01.552972-04:00 ▶ [DEBU keybase main.go:330] 09a calling shutdown
2017-07-17T14:15:01.552986-04:00 ▶ [DEBU keybase globals.go:477] 09b Calling shutdown first time through
2017-07-17T14:15:01.553005-04:00 ▶ [DEBU keybase login_state.go:1046] 09c + Account "LoginState - Shutdown"
2017-07-17T14:15:01.553051-04:00 ▶ [DEBU keybase login_state.go:939] 09d - LoginState: shutdown chan closed, exiting requests loop
2017-07-17T14:15:01.553066-04:00 ▶ [DEBU keybase login_state.go:1048] 09e - Account "LoginState - Shutdown"
2017-07-17T14:15:01.553075-04:00 ▶ [DEBU keybase login_state.go:940] 09f - LoginState: Leaving request loop
2017-07-17T14:15:01.553126-04:00 ▶ [DEBU keybase globals.go:536] 0a0 exiting shutdown code=0; err=<nil>
2017-07-17T14:15:01.553161-04:00 ▶ [ERRO keybase main.go:332] 0a1 interrupted

real    0m14.749s
user    0m0.026s
sys     0m0.026s

So something is hard coded against gpg which is making it fall back to gpgv2

[BenjaminHCCarr]

okay.... so this worked after attempt number xxyyzz:

keybase config set gpg.command /usr/local/Cellar/gnupg@1.4/1.4.21/bin/gpg1

This can be gotten on OSX with homebrew: brew install gnupg@1.4

---

The restart command is not as listed in help:

benc$ keybase -d launchd restart
Error parsing command line arguments: Need to specify launchd label

You need to run: keybase ctl restart

---

With debug it looks like this:

tyr:~ benc$ keybase -d ctl restart
2017-07-17T18:55:55.836749-04:00 ▶ [DEBU keybase globals.go:392] 001 Created Identify2Cache, max age: 5m0s
2017-07-17T18:55:55.836846-04:00 ▶ [DEBU keybase globals.go:395] 002 Created LinkCache, max size: 65536, clean dur: 1m0s
2017-07-17T18:55:55.836875-04:00 ▶ [DEBU keybase globals.go:397] 003 Created CardCache, max age: 5m0s
2017-07-17T18:55:55.836894-04:00 ▶ [DEBU keybase globals.go:399] 004 made a new full self cache
2017-07-17T18:55:55.836908-04:00 ▶ [DEBU keybase globals.go:401] 005 made a new cached UPAK loader (timeout=10m0s)
2017-07-17T18:55:55.843964-04:00 ▶ [DEBU keybase ui.go:578] 006 Setting GPG_TTY to /dev/ttys007
2017-07-17T18:55:55.844049-04:00 ▶ [DEBU keybase globals.go:375] 007 Keybase CLI 1.0.24-20170619144856+91a6943
2017-07-17T18:55:55.844073-04:00 ▶ [DEBU keybase globals.go:375] 008 - Built with go1.8.1
2017-07-17T18:55:55.844084-04:00 ▶ [DEBU keybase globals.go:375] 009 - Visit https://keybase.io for more details
2017-07-17T18:55:55.844097-04:00 ▶ [DEBU keybase main.go:160] 00a + configureProcesses
2017-07-17T18:55:55.844114-04:00 ▶ [DEBU keybase main.go:258] 00b + configureLogging
2017-07-17T18:55:55.844126-04:00 ▶ [DEBU keybase main.go:267] 00c Disabling log forwarding
2017-07-17T18:55:55.844141-04:00 ▶ [DEBU keybase main.go:260] 00d - configureLogging
2017-07-17T18:55:55.844152-04:00 ▶ [DEBU keybase main.go:162] 00e - configureProcesses -> <nil>
2017-07-17T18:55:55.844169-04:00 ▶ [DEBU keybase cmd_ctl_stop_osx.go:73] 00f Components: map[app:true service:true kbfs:true updater:true]
2017-07-17T18:55:55.844277-04:00 ▶ [INFO keybase install.go:281] 010 Stopping Keybase app
2017-07-17T18:55:55.854290-04:00 ▶ [DEBU keybase adapter.go:32] 011 Searching OS for 2123
2017-07-17T18:55:55.854410-04:00 ▶ [DEBU keybase adapter.go:32] 012 Terminating: &os.Process{Pid:2123, handle:0x0, isdone:0x0, sigMu:sync.RWMutex{w:sync.Mutex{state:0, sema:0x0}, writerSem:0x0, readerSem:0x0, readerCount:0, readerWait:0}}
2017-07-17T18:56:00.856132-04:00 ▶ [INFO keybase install.go:284] 013 Terminated Keybase [2123]
2017-07-17T18:56:00.865182-04:00 ▶ [DEBU keybase launchd.go:141] 014 Output (launchctl remove): 
2017-07-17T18:56:00.865263-04:00 ▶ [DEBU keybase launchd.go:146] 015 Nothing to stop (keybase.service)
2017-07-17T18:56:00.873808-04:00 ▶ [DEBU keybase launchd.go:141] 016 Output (launchctl remove): 
2017-07-17T18:56:00.873873-04:00 ▶ [DEBU keybase launchd.go:146] 017 Nothing to stop (homebrew.mxcl.keybase)
2017-07-17T18:56:00.881930-04:00 ▶ [DEBU keybase launchd.go:141] 018 Output (launchctl remove): 
2017-07-17T18:56:00.881996-04:00 ▶ [DEBU keybase launchd.go:146] 019 Nothing to stop (keybase.kbfs)
2017-07-17T18:56:00.890092-04:00 ▶ [DEBU keybase launchd.go:141] 01a Output (launchctl remove): 
2017-07-17T18:56:00.890156-04:00 ▶ [DEBU keybase launchd.go:146] 01b Nothing to stop (homebrew.mxcl.kbfs)
2017-07-17T18:56:00.890183-04:00 ▶ [INFO keybase install_darwin.go:785] 01c Uninstall mount: /keybase
2017-07-17T18:56:01.088265-04:00 ▶ [DEBU keybase install_darwin.go:878] 01d Output ([--debug --run-mode=prod --app-path=/Applications/Keybase.app --timeout=10 --uninstall-mountdir]): 07.17.2017 18:56:01.048 Installer:52[DEBG] Version: 1.1.55
07.17.2017 18:56:01.072 KBMountDir:99[INFO] The mount directory doesn't exist: /keybase
07.17.2017 18:56:01.080 KBMountDir:147[DEBG] Saving finder favorite position -1 to /Users/benc/Library/Application Support/Keybase/finder_position.config
07.17.2017 18:56:01.081 KBMountDir:183[DEBG] File list favorite disabled (file:///Users/benc/Library/Application%20Support/Keybase/Keybase)
07.17.2017 18:56:01.085 KBMountDir:185[DEBG] File list favorites changed: No
07.17.2017 18:56:01.085 Installer:105[INFO] Uninstalled
2017-07-17T18:56:01.096313-04:00 ▶ [DEBU keybase launchd.go:141] 01e Output (launchctl remove): 
2017-07-17T18:56:01.096376-04:00 ▶ [DEBU keybase launchd.go:146] 01f Nothing to stop (keybase.updater)
2017-07-17T18:56:01.096394-04:00 ▶ [DEBU keybase cmd_ctl_start_osx.go:65] 020 Components: map[app:true service:true kbfs:true updater:true]
2017-07-17T18:56:01.096760-04:00 ▶ [DEBU keybase install_darwin.go:528] 021 Using binPath: /Applications/Keybase.app/Contents/SharedSupport/bin/keybase
2017-07-17T18:56:01.104513-04:00 ▶ [DEBU keybase launchd.go:141] 022 Output (launchctl remove): 
2017-07-17T18:56:01.104571-04:00 ▶ [DEBU keybase launchd.go:146] 023 Nothing to stop (keybase.service)
2017-07-17T18:56:01.111427-04:00 ▶ [DEBU keybase launchd.go:141] 024 Output (launchctl remove): 
2017-07-17T18:56:01.111489-04:00 ▶ [DEBU keybase launchd.go:146] 025 Nothing to stop (homebrew.mxcl.keybase)
2017-07-17T18:56:01.111505-04:00 ▶ [DEBU keybase install_darwin.go:537] 026 Installing service (keybase.service, timeout=10s)
2017-07-17T18:56:01.111645-04:00 ▶ [INFO keybase launchd.go:270] 027 Saving /Users/benc/Library/LaunchAgents/keybase.service.plist
2017-07-17T18:56:01.111683-04:00 ▶ [DEBU keybase util.go:181] 028 + Writing to /Users/benc/Library/LaunchAgents/keybase.service.plist
2017-07-17T18:56:01.112394-04:00 ▶ [DEBU keybase util.go:183] 029 | Temporary file generated: /Users/benc/Library/LaunchAgents/keybase.service.plist.ZJNHCMQUBKDBWMNKTDQ4ILMZPTNSENUT
2017-07-17T18:56:01.112618-04:00 ▶ [DEBU keybase util.go:206] 02a - Wrote to /Users/benc/Library/LaunchAgents/keybase.service.plist -> ok
2017-07-17T18:56:01.112700-04:00 ▶ [INFO keybase launchd.go:95] 02b Starting keybase.service
2017-07-17T18:56:01.122764-04:00 ▶ [DEBU keybase launchd.go:98] 02c Output (launchctl load): 
2017-07-17T18:56:01.122851-04:00 ▶ [INFO keybase launchd.go:176] 02d Waiting for keybase.service to be loaded...
2017-07-17T18:56:01.635835-04:00 ▶ [DEBU keybase launchd.go:111] 02e Service status: &launchd.ServiceStatus{label:"keybase.service", pid:"4276", lastExitStatus:""}
2017-07-17T18:56:02.150214-04:00 ▶ [DEBU keybase service_info.go:92] 02f Looking for service info file (timeout=10s)
2017-07-17T18:56:02.555200-04:00 ▶ [DEBU keybase service_info.go:104] 030 Found service info: libkb.ServiceInfo{Version:"1.0.24-20170619144856+91a6943", Label:"keybase.service", Pid:4276}
2017-07-17T18:56:02.555464-04:00 ▶ [ERRO keybase standard.go:230] 031 stat /keybase: no such file or directory
2017-07-17T18:56:02.555587-04:00 ▶ [DEBU keybase install_darwin.go:1098] 032 Using updater path: /Applications/Keybase.app/Contents/SharedSupport/bin/updater
2017-07-17T18:56:02.563524-04:00 ▶ [DEBU keybase launchd.go:141] 033 Output (launchctl remove): 
2017-07-17T18:56:02.563605-04:00 ▶ [DEBU keybase launchd.go:146] 034 Nothing to stop (keybase.updater)
2017-07-17T18:56:02.563623-04:00 ▶ [DEBU keybase install_darwin.go:1108] 035 Installing updater service (keybase.updater, timeout=10s)
2017-07-17T18:56:02.563843-04:00 ▶ [INFO keybase launchd.go:270] 036 Saving /Users/benc/Library/LaunchAgents/keybase.updater.plist
2017-07-17T18:56:02.563868-04:00 ▶ [DEBU keybase util.go:181] 037 + Writing to /Users/benc/Library/LaunchAgents/keybase.updater.plist
2017-07-17T18:56:02.564050-04:00 ▶ [DEBU keybase util.go:183] 038 | Temporary file generated: /Users/benc/Library/LaunchAgents/keybase.updater.plist.PO4UDISFCVMIAKW5VMFBGAC57Q3YJWLH
2017-07-17T18:56:02.564288-04:00 ▶ [DEBU keybase util.go:206] 039 - Wrote to /Users/benc/Library/LaunchAgents/keybase.updater.plist -> ok
2017-07-17T18:56:02.564403-04:00 ▶ [INFO keybase launchd.go:95] 03a Starting keybase.updater
2017-07-17T18:56:02.575014-04:00 ▶ [DEBU keybase launchd.go:98] 03b Output (launchctl load): 
2017-07-17T18:56:02.575072-04:00 ▶ [INFO keybase launchd.go:176] 03c Waiting for keybase.updater to be loaded...
2017-07-17T18:56:03.087023-04:00 ▶ [DEBU keybase launchd.go:111] 03d Service status: &launchd.ServiceStatus{label:"keybase.updater", pid:"4281", lastExitStatus:""}
2017-07-17T18:56:03.620603-04:00 ▶ [INFO keybase install_darwin.go:1190] 03e Opening /Applications/Keybase.app
2017-07-17T18:56:04.297854-04:00 ▶ [DEBU keybase out_of_date.go:14] 03f + PrintOutOfDateWarnings
2017-07-17T18:56:04.297923-04:00 ▶ [DEBU keybase util.go:414] 040 + GetSocket
2017-07-17T18:56:04.297949-04:00 ▶ [DEBU keybase util.go:415] 041 - GetSocket -> ok
2017-07-17T18:56:04.298018-04:00 ▶ [DEBU keybase socket.go:73] 042 | empty socket wrapper; need a new one
2017-07-17T18:56:04.298046-04:00 ▶ [DEBU keybase socket_nix.go:96] 043 Dialing unix:/Users/benc/Library/Group Containers/keybase/Library/Caches/Keybase/keybased.sock
2017-07-17T18:56:04.298199-04:00 ▶ [DEBU keybase socket.go:88] 044 | DialSocket -> ok
2017-07-17T18:56:04.299271-04:00 ▶ [DEBU keybase out_of_date.go:28] 045 Got OutOfDateInfo: keybase1.OutOfDateInfo{UpgradeTo:"", UpgradeURI:"", CustomMessage:"", CriticalClockSkew:0}
2017-07-17T18:56:04.299335-04:00 ▶ [DEBU keybase out_of_date.go:44] 046 - PrintOutOfDateWarnings
2017-07-17T18:56:04.402971-04:00 ▶ [DEBU keybase globals.go:477] 047 Calling shutdown first time through
2017-07-17T18:56:04.403053-04:00 ▶ [DEBU keybase login_state.go:1046] 048 + Account "LoginState - Shutdown"
2017-07-17T18:56:04.403106-04:00 ▶ [DEBU keybase login_state.go:939] 049 - LoginState: shutdown chan closed, exiting requests loop
2017-07-17T18:56:04.403126-04:00 ▶ [DEBU keybase login_state.go:940] 04a - LoginState: Leaving request loop
2017-07-17T18:56:04.403145-04:00 ▶ [DEBU keybase login_state.go:1048] 04b - Account "LoginState - Shutdown"
2017-07-17T18:56:04.403192-04:00 ▶ [DEBU keybase globals.go:536] 04c exiting shutdown code=0; err=<nil>
2017-07-17T18:56:04.403218-04:00 ▶ [ERRO keybase standard.go:230] 04d stat /keybase: no such file or directory

[jscheid]

I'm using gpgv2 via Homebrew and this fixed it for me (without changing the gpg.command setting):

$ brew install pinentry-mac

[pwalsh]

brew install pinentry-mac doesn't work for me on High Sierra with GnuPG 2.2.1

[aleininger]

Since I first posted this issue quite some time has passed. One of the updates to keybase that has happened in that time resolved the issue for me. Keybase is now fully functional on my system (Linux Mint 18).

[banool]

Using gpg with brew, I just upgraded from 2.2.1 to 2.2.2 and it fixed it. The full steps I did were:

• brew install pinentry-mac
• echo "pinentry-program /usr/local/bin/pinentry-mac" > nano ~/.gnupg/gpg-agent.conf
• brew upgrade gpg
• keybase pgp select # This now worked as expected.

[erikvanoosten]

On High Sierra the instructions from @banool with brew installed pgp 2.2.2 and pinentry-mac 0.9.4 didn't help.

[pwalsh]

confirmed same result as @erikvanoosten with same installed versions on High Sierra.

[maxtaco]

It is very likely it is a local misconfiguration with GPG. Run keybase status to see where your service log is, and look in there for the error GPG is giving and the command line invocation that produced it.

On Sat, Nov 11, 2017 at 12:41 PM Paul Walsh notifications@github.com wrote:

confirmed same result as @erikvanoosten https://github.com/erikvanoosten with same installed versions on High Sierra.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/keybase/keybase-issues/issues/2132#issuecomment-343689190, or mute the thread https://github.com/notifications/unsubscribe-auth/AA05_xcS35cHsRPfo_dloqzn7carRGZEks5s1fhegaJpZM4HxxLc .

[erikvanoosten]

After invoking keybase pgp select a list is displayed with 1 key. I type 1. Response: ▶ ERROR ImportKey (secret: true) error: GPG error: exit status 2.

In the service log is a line with: 2017-11-12T10:34:43.599731+01:00 ▶ [DEBU keybase gpg_cli.go:357] 665a | running Gpg: /usr/local/bin/gpg --no-tty --armor --export-secret-key abcdefghijklmnopqr (not the real key name)

Running the given command directly results in a prompt to enter my passphrase. I do not get this prompt when running keybase pgp select.

[pwalsh]

Same as @erikvanoosten

It does not seem likely to me that this is a local misconfiguration with GPG, but happy to find out otherwise!

[maxtaco]

Try keybase pgp select --no-import

[pwalsh]

@maxtaco that works.

[icyflame]

@maxtaco That works! 🙂

[eduncan911]

Same problem here. I noticed that it was running this in the debug log:

running Gpg: /usr/local/bin/gpg --no-tty --armor --export-secret-key 17629b980c7d7<snip>a63a0cea4f22d134c6

That will not work in my case, as I explicitly have to use TTY for my passphrase entry and must be prompted.

Funny thing though, another my other machine I was able to run this command just fine. Though, I didn't have --multi specified on that other machine.

keybase pgp select --multi --no-import

^- that worked. which I didn't run debug though so I'm guessing it didn't try to run --no-tty

[simonv3]

On Ubuntu 16.04 I encountered this error and I think it was happening because Keybase originally used gpg2 and it seems to not find the right key:

2018-03-08T15:30:05.346060-09:00 ▶ [DEBU keybase <autogenerated>:1] 0d0 SelectKey result: {KeyID:C8DCA2CE0BA1F1EB DoSecretPush:false}
2018-03-08T15:30:05.346303-09:00 ▶ [DEBU keybase <autogenerated>:1] 0d1 GetKeyRoleAtTime 0101ed130110e5621572c00133c34c30a879b68e49958eb81874d89692e39de94f720a, 2018-03-08 15:30:05.345890194 -0900 AKST m=+908.566830098 => err The key '0101ed130110e5621572c00133c34c30a879b68e49958eb81874d89692e39de94f720a' wasn't found [tags:LU=tSMafsVYrk-e]
2018-03-08T15:30:05.346524-09:00 ▶ [DEBU keybase <autogenerated>:1] 0d2 GetKeyRoleAtTime 0101079845520a49d47cf6e529befa83ed85f7e3eb2f56c61a6d06b21e4076f7cf340a, 2018-03-08 15:30:05.345923906 -0900 AKST m=+908.566863803 => err The key '0101079845520a49d47cf6e529befa83ed85f7e3eb2f56c61a6d06b21e4076f7cf340a' wasn't found [tags:LU=tSMafsVYrk-e]
2018-03-08T15:30:05.346727-09:00 ▶ [DEBU keybase <autogenerated>:1] 0d3 GPG version:
gpg (GnuPG) 2.1.11
libgcrypt 1.6.5
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
2018-03-08T15:30:05.346914-09:00 ▶ [DEBU keybase <autogenerated>:1] 0d4 | running Gpg: /usr/bin/gpg2 --no-tty --armor --export-secret-key 54a2918f15c8ed4883ab3094c8dca2ce0ba1f1eb
2018-03-08T15:30:05.347140-09:00 ▶ [DEBU keybase <autogenerated>:1] 0d5 | setting GPG_TTY=/dev/pts/5
2018-03-08T15:30:05.349870-09:00 ▶ [DEBU keybase <autogenerated>:1] 0d6 gpg: key E556F226E7A024477A3E50B83F5DE9BF67B02069: error receiving key from agent: No pinentry - skipped
2018-03-08T15:30:05.350791-09:00 ▶ [DEBU keybase <autogenerated>:1] 0d7 gpg: key 69D0094864F0337FDE45A2F540466ED724E93FFC: error receiving key from agent: No pinentry - skipped
2018-03-08T15:30:05.351564-09:00 ▶ [DEBU keybase <autogenerated>:1] 0d8 gpg: key 1CFBAFFE750840199AEB2E787613695982990B0F: error receiving key from agent: No pinentry - skipped

When I set keybase config set gpg.command /usr/bin/gpg Then everything works fine.

[tgalopin]

I was in the same situation as @simonv3 and his fix did work.

[simonv3]

I actually just had to do this again (don't ask), and the same error popped up, and when I looked at my gpg-agent.conf file (in my case it was in ~/.gnupg/gpg-agent.conf) I saw that the pinentry referred to in it was not an actual place. I'm not sure how that got set wrong - my bad probably - but that's another place to go looking to fix this.

[ericglasser]

I may be wrong but it looks like this is a duplicate of https://github.com/keybase/client/issues/8132 and their solution to use keybase pgp select --no-import worked for me.