Red Hat Bugzilla – Bug 601986
emacs will not cache passphrase for symmetric encryption
Last modified: 2013-08-01 14:32:22 EDT
Under previous versions (F12 and before) emacs would cache the passphrase used to decrypt a symmetrically-encrypted file, and use it to re-encrypt the file when it was saved. This meant the passphrase only had to be typed once.
To get this behavior, one included in the .emacs file a line
(setq epa-file-cache-passphrase-for-symmetric-encryption t)
But doing this no linger works. On saving the file, emacs now prompts twice for the passphrase, so it has to be typed 3 times altogether.
This is related to bug 574406, and arises from the removal of gnupg and its replacement with gnupg2 in Fedora 13. The problem is that Fedora 13 has symlinked /usr/bin/gpg2 to /usr/bin/gpg, so when emacs tries to run gpg it gets gpg2 which behaves differently.
The fix is to install gnupg 1.X, which unfortunately is not available as a package. You have to download the source from http://www.gnupg.org (make sure you get GnuPG 1.4.10, not 2.X.), and then install it via the traditional ./configure; make; make install. That puts gpg in /usr/local/bin and since this is before /usr/bin in my PATH it takes precedence over the /usr/bin/gpg symlink.
Has this bug been fixed by the gnupg-1.4 revival?
Yes. I uninstalled my /usr/local copy of gnupg-1.4 and, with the Fedora gnupg package installed, emacs deals with encrypted files just fine. Thank you!
This bug has now recurred in Fedora 17. The symptoms are exactly as before: even though the .emacs file contains (setq epa-file-cache-passphrase-for-symmetric-encryption t), emacs prompts twice for the passphrase when you save the file.
Reopening on Mark's request.
In Fedora 17 the problem can be fixed by telling emacs not to use gpg-agent to get the passphrase. This is done by adding this line to the .emacs configuration file:
(setenv "GPG_AGENT_INFO" nil)
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
This message is a reminder that Fedora 17 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 17. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora
'version' of '17'.
Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version prior to Fedora 17's end of life.
Bug Reporter: Thank you for reporting this issue and we are sorry that
we may not be able to fix it before Fedora 17 is end of life. If you
would still like to see this bug fixed and are able to reproduce it
against a later version of Fedora, you are encouraged change the
'version' to a later Fedora version prior to Fedora 17's end of life.
Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.
Fedora 17 changed to end-of-life (EOL) status on 2013-07-30. Fedora 17 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.
If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version.
Thank you for reporting this bug and we are sorry it could not be fixed.