Ubuntu Oneiric: Thunderbird, Enigmail + SmartCard reader


Post by ^rooker

I've just had to set up a new PC and am trying to get a Cryptocard with Smartcard-Reader (SCR335) to work. When I try to open an encrypted mail in Thunderbird (using Enigmail), the Reader blinks, but nothing happens :(

I'm not even asked for the PIN...
When opening "Details > Open PGP Security Info...", I was able to see what was going wrong behind the scenes:

gpg command line and output:

    /usr/bin/gpg
    gpg: detected reader `SCM SCR 335 [CCID Interface] (21120819319285) 00 00'
    gpg: problem with the agent - disabling agent use
    gpg: can't query passphrase in batch mode
    gpg: PIN callback returned error: general error

This error is caused by pointing to an invalid pinentry command.
I've used an old gpg-agent config, which pointed to a non-existing pinentry helper. So I updated ~/.gnupg/gpg-agent.conf to point to the correct pinentry tool and then killed and restarted gpg-agent.

Still didn't work:

gpg command line and output:

    /usr/bin/gpg
    can't connect to `/tmp/gpg-vx87gL/S.gpg-agent': No such file or directory
    gpg: detected reader `SCM SCR 335 [CCID Interface] (21120819319285) 00 00'
    can't connect to `/tmp/gpg-vx87gL/S.gpg-agent': No such file or directory
    gpg: can't connect to `/tmp/gpg-vx87gL/S.gpg-agent': connect failed
    gpg: can't query passphrase in batch mode
    gpg: PIN callback returned error: general error

GPG was telling the truth: /tmp/gpg-vx87gL indeed didn't exist. Instead, restarting gpg-agent had created 2 new folders in /tmp with new IDs. However, after restarting Thunderbird several times, it was still trying to find "vx87gL" - so it obviously didn't get gpg-agent's current ID.

Checking the current value of the GPG_AGENT_INFO environment variable showed where Thunderbird got its ID from:

    set | grep GPG

returned:

    GPG_AGENT_INFO=/tmp/gpg-vx87gL/S.gpg-agent:1818:1

After doing some reading, I found an article about GPG in a Wiki on ubuntu.com, which restarted gpg-agent like this:

    killall -q gpg-agent
    eval $(gpg-agent --daemon)

Puzzling at first, but the "eval $()" around the command makes sure that the environment variables are updated correctly.

Now I could simply have restarted my computer to update the IDs and make sure the environment variables are global, but for quick-testing, I've started Thunderbird *inside* the command-line shell I had open (with the updated, correct envvars): It worked!
Jumping out of an airplane is not a basic instinct. Neither is breathing underwater. But put the two together and you're traveling through space!
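
The stale-variable situation from the post above can be checked directly. This is an added example, not part of the original post: the function name `check_agent_info` and its return codes are assumptions made here, and it only tests whether a `GPG_AGENT_INFO` value (`socket:pid:protocol`) still points at a live agent.

```shell
#!/bin/sh
# Added example: validate a GPG_AGENT_INFO value of the form socket:pid:protocol.
# Return codes (chosen for this example, not defined by GnuPG):
#   0 = socket exists and the agent process is running
#   1 = stale (socket missing, not a socket, or process gone)
#   2 = value empty or malformed
check_agent_info() {
    info=$1
    [ -n "$info" ] || { echo "GPG_AGENT_INFO is empty"; return 2; }

    # Split from the right so a colon inside the socket path does no harm.
    rest=${info%:*}      # socket:pid
    pid=${rest##*:}      # pid
    sock=${rest%:*}      # socket

    # Fewer than three fields leaves $sock identical to $rest.
    [ "$sock" != "$rest" ] || { echo "malformed value: $info"; return 2; }
    case $pid in
        ''|*[!0-9]*) echo "malformed pid in: $info"; return 2 ;;
    esac

    # -S is true only for an existing Unix socket, which is what gpg connects to.
    if [ ! -S "$sock" ]; then
        echo "stale: socket $sock does not exist"
        return 1
    fi
    # kill -0 sends no signal; it only reports whether we could signal the pid.
    if ! kill -0 "$pid" 2>/dev/null; then
        echo "stale: no running process with pid $pid"
        return 1
    fi
    echo "ok: agent pid $pid listening on $sock"
    return 0
}

# Check the value this shell would hand to Thunderbird.
check_agent_info "${GPG_AGENT_INFO:-}" ||
    echo 'fix: run eval $(gpg-agent --daemon) here, then start Thunderbird from this shell'
```

GnuPG 2.1 and later use a fixed socket location and no longer read `GPG_AGENT_INFO`, so this check applies to older setups like the one in the post.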