Ubuntu Oneiric: Thunderbird, Enigmail + SmartCard reader
Posted: Wed Feb 29, 2012 3:33 pm
I've just had to set up a new PC and am trying to get a Cryptocard with Smartcard-Reader (SCR335) to work. When I try to open an encrypted mail in Thunderbird (using Enigmail), the Reader blinks, but nothing happens.
I'm not even asked for the PIN...
When opening "Details > Open PGP Security Info...", I was able to see what was going wrong behind the scenes:
gpg command line and output:
/usr/bin/gpg
gpg: detected reader `SCM SCR 335 [CCID Interface] (21120819319285) 00 00'
gpg: problem with the agent - disabling agent use
gpg: can't query passphrase in batch mode
gpg: PIN callback returned error: general error
This error is caused by pointing to an invalid pinentry command.
I've used an old gpg-agent config, which pointed to a non-existing pinentry helper. So I updated ~/.gnupg/gpg-agent.conf to point to the correct pinentry tool and then killed and restarted gpg-agent.
Still didn't work:
gpg command line and output:
/usr/bin/gpg
can't connect to `/tmp/gpg-vx87gL/S.gpg-agent': No such file or directory
gpg: detected reader `SCM SCR 335 [CCID Interface] (21120819319285) 00 00'
can't connect to `/tmp/gpg-vx87gL/S.gpg-agent': No such file or directory
gpg: can't connect to `/tmp/gpg-vx87gL/S.gpg-agent': connect failed
gpg: can't query passphrase in batch mode
gpg: PIN callback returned error: general error
GPG was telling the truth: /tmp/gpg-vx87gL indeed didn't exist. But instead, restarting the gpg-agent had created 2 new folders in /tmp with new IDs. However, after restarting Thunderbird several times, it was still trying to find "vx87gL" - so it obviously didn't get gpg-agent's current ID.
Checking the current value of the GPG_AGENT_INFO environment variable showed where Thunderbird got its ID from:
Code:
set | grep GPG
returned:
GPG_AGENT_INFO=/tmp/gpg-vx87gL/S.gpg-agent1
After doing some reading, I found an article about GPG in a Wiki on ubuntu.com, which restarted gpg-agent like this:
Code:
killall -q gpg-agent
eval $(gpg-agent --daemon)
Puzzling at first, but the "eval $()" around the command makes sure that the environment variables are updated correctly.
Now I could simply have restarted my computer to update the IDs and make sure the environment variables are global, but for quick testing, I started Thunderbird *inside* the commandline shell I had open (with the updated, correct envvars): It worked!
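Added example (not part of the original post): a shell check for the failure described above, where an application keeps using a GPG_AGENT_INFO value whose socket no longer exists. It assumes the GnuPG 2.0 value format socket-path:pid:protocol; the function name check_agent_info and the pid in the sample value are made up for illustration.

```shell
#!/bin/sh
# Added example: classify a GPG_AGENT_INFO value before launching a GUI client.
# Assumed format (GnuPG 2.0): <socket path>:<agent pid>:<protocol version>
# Prints one of: unset, missing-socket, not-a-socket, dead-pid, ok
check_agent_info() {
    cai_info=$1
    if [ -z "$cai_info" ]; then
        echo unset; return 1
    fi
    cai_sock=${cai_info%%:*}            # everything before the first colon
    case $cai_info in
        *:*) cai_rest=${cai_info#*:}; cai_pid=${cai_rest%%:*} ;;
        *)   cai_pid= ;;
    esac
    if [ ! -e "$cai_sock" ]; then
        echo missing-socket; return 1   # the "No such file or directory" case
    fi
    if [ ! -S "$cai_sock" ]; then
        echo not-a-socket; return 1
    fi
    # Signal 0 only tests that the process exists; nothing is delivered.
    case $cai_pid in
        ''|*[!0-9]*) ;;                 # no usable pid field: skip the check
        *) kill -0 "$cai_pid" 2>/dev/null || { echo dead-pid; return 1; } ;;
    esac
    echo ok
}

# Constructed sample: the stale socket path from the post with a made-up pid.
check_agent_info "/tmp/gpg-vx87gL/S.gpg-agent:1234:1" || true
```

Running check_agent_info "$GPG_AGENT_INFO" in the shell that will start Thunderbird shows whether that shell still carries the old agent's socket path.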