Bug 1268217 - unable to generate a gpg key [NEEDINFO]
Summary: unable to generate a gpg key
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: gnupg2
Version: 7.2
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: rc
: ---
Assignee: Tomas Mraz
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-10-02 08:08 UTC by Oleg Fayans
Modified: 2016-12-01 00:28 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-04-25 13:38:25 UTC
Target Upstream Version:
tmraz: needinfo? (ofayans)

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Oleg Fayans 2015-10-02 08:08:09 UTC 
Description of problem:
As a part of building of custom rpm package as described here:
https://access.redhat.com/documentation/en-US/Red_Hat_Network_Satellite/5.3/html/Deployment_Guide/satops-rpm-building.html
I was trying to generate a gpg key for signing the package.
However the command `gpg --gen-key` keeps failing at the point of passphrase request: it says "gpg: cancelled by user".

Version-Release number of selected component (if applicable):
$ cat /etc/redhat-release 
Red Hat Enterprise Linux Server release 7.2 Beta (Maipo)

$ rpm -q --whatprovides `which gpg`
gnupg2-2.0.22-3.el7.x86_64

How reproducible:
Always

Steps to Reproduce:
1. gpg --gen-key

Actual results:

$ gpg --gen-key
gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 2
DSA keys may be between 1024 and 3072 bits long.
What keysize do you want? (2048) 
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: Oleg Fayans
Email address: ofayans@redhat.com
Comment: 
You selected this USER-ID:
    "Oleg Fayans <ofayans@redhat.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.

gpg: cancelled by user
gpg: Key generation canceled.


Expected results:

Key generation should succeed

Additional info:
Comment 2 Tomas Mraz 2015-10-02 08:47:02 UTC 
What's the output of rpm -qa | grep pinentry ?
Do you run this command in GUI session or from ssh?
Comment 3 Oleg Fayans 2015-10-02 12:58:12 UTC 
pinentry-0.8.1-14.el7.x86_64
And - yes, I'm running it in a ssh session.
Comment 4 Tomas Mraz 2015-10-02 13:18:36 UTC 
If you do:
$ pinentry
OK Your orders please
GETPIN

Does it display pin entry dialog?

Also is gpg-agent running? If you kill it, does it start when gpg2 is invoked to create the key?
Comment 5 Oleg Fayans 2015-10-02 13:45:23 UTC 
1. The pin entry dialog is presented as expected.
2. gpg-agent is running. When I kill it, it automatically starts at the last step of gpg --gen-key
Comment 6 Tomas Mraz 2015-12-02 12:39:29 UTC 
I tried to reproduce the problem but was unable to. GPG always generates the key for me after I enter the passphrase into the pinentry dialog twice.

I can reproduce the behaviour you reported only if I press cancel on the pinentry dialog.
Comment 8 RHEL Program Management 2016-04-25 13:38:25 UTC 
Development Management has reviewed and declined this request.
You may appeal this decision by reopening this request.
Note You need to log in before you can comment on or make changes to this bug.