Bug 1268217

Summary: unable to generate a gpg key
Product: Red Hat Enterprise Linux 7 Reporter: Oleg Fayans <ofayans>
Component: gnupg2Assignee: Tomas Mraz <tmraz>
Status: CLOSED WONTFIX QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: high Docs Contact:
Priority: unspecified    
Version: 7.2CC: amarecek, ofayans, rsawhill
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-04-25 13:38:25 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Oleg Fayans 2015-10-02 08:08:09 UTC 
Description of problem:
As a part of building of custom rpm package as described here:
https://access.redhat.com/documentation/en-US/Red_Hat_Network_Satellite/5.3/html/Deployment_Guide/satops-rpm-building.html
I was trying to generate a gpg key for signing the package.
However the command `gpg --gen-key` keeps failing at the point of passphrase request: it says "gpg: cancelled by user".

Version-Release number of selected component (if applicable):
$ cat /etc/redhat-release 
Red Hat Enterprise Linux Server release 7.2 Beta (Maipo)

$ rpm -q --whatprovides `which gpg`
gnupg2-2.0.22-3.el7.x86_64

How reproducible:
Always

Steps to Reproduce:
1. gpg --gen-key

Actual results:

$ gpg --gen-key
gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 2
DSA keys may be between 1024 and 3072 bits long.
What keysize do you want? (2048) 
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: Oleg Fayans
Email address: ofayans
Comment: 
You selected this USER-ID:
    "Oleg Fayans <ofayans>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.

gpg: cancelled by user
gpg: Key generation canceled.


Expected results:

Key generation should succeed

Additional info:
Comment 2 Tomas Mraz 2015-10-02 08:47:02 UTC 
What's the output of rpm -qa | grep pinentry ?
Do you run this command in GUI session or from ssh?
Comment 3 Oleg Fayans 2015-10-02 12:58:12 UTC 
pinentry-0.8.1-14.el7.x86_64
And - yes, I'm running it in a ssh session.
Comment 4 Tomas Mraz 2015-10-02 13:18:36 UTC 
If you do:
$ pinentry
OK Your orders please
GETPIN

Does it display pin entry dialog?

Also is gpg-agent running? If you kill it, does it start when gpg2 is invoked to create the key?
Comment 5 Oleg Fayans 2015-10-02 13:45:23 UTC 
1. The pin entry dialog is presented as expected.
2. gpg-agent is running. When I kill it, it automatically starts at the last step of gpg --gen-key
Comment 6 Tomas Mraz 2015-12-02 12:39:29 UTC 
I tried to reproduce the problem but was unable to. GPG always generates the key for me after I enter the passphrase into the pinentry dialog twice.

I can reproduce the behaviour you reported only if I press cancel on the pinentry dialog.
Comment 8 RHEL Program Management 2016-04-25 13:38:25 UTC 
Development Management has reviewed and declined this request.
You may appeal this decision by reopening this request.
Comment 9 Red Hat Bugzilla 2023-09-14 03:06:08 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days