git-annex/doc/forum/GPG_passphrase_handling.txt

Hello!
I'm using OSX 10.9 and have installed gpg (and gpg2, if it matters) through
homebrew and git-annex through cabal. I also installed
https://github.com/joeyh/git-remote-gcrypt like the UI told me.

Whenever I'm trying to add an encrypted remote through the web UI I get a
lot of "You need a passphrase to unlock the secret key for user:" on stdout
and, obviously, I can't enter my passphrase (If I could I wouldn't make this
post to begin with :))
Is this behavior normal? What should I do to work around it?
I did also try to not use the web UI by using this command:
git annex initremote rsync.net type=gcrypt gitrepo=user@host:directory encryption=pubkey keyid=X

Because of this I can't copy files to my remotes. All I get is:
-----
$ git annex copy --to rsync.net
copy MySecretFile (gpg) 
You need a passphrase to unlock the secret key for
user: "user"
4096-bit RSA key, ID X, created 2013-10-01 (main key ID Y)

(checking rsync.net...) (to rsync.net...) gpg: no valid addressees
gpg: [stdin]: encryption failed: No user ID
failed
-----

Yes, I am using gpg-agent. When other applications ask for my passphrase I get
the pinentry dialog from GPGTools, just like I've configured it in
~/.gnupg/gpg-agent.conf, but this isn't the case with git-annex.

If I remove GPGTools from /usr/local/bin with: ``brew link --overwrite gnupg &&
brew link --overwrite gnupg2'' it works *slightly* better. 
I get that pinentry dialog I want but when I do a copy I get:
-----
$ git annex copy --to rsync.net
copy MySecretFile (gpg) (checking rsync.net...) (to rsync.net...) gpg: no valid addressees
gpg: [stdin]: encryption failed: no such user id
failed
-----

--debug shows me it is executing gpg llke so:
-----
gpg ["--batch","--no-tty","--use-agent","--quiet","--trust-model","always","--batch","--encrypt","--no-encrypt-to","--no-default-recipient","--force-mdc","--no-textmode"]
-----
2013-10-29 23:31:31 +00:00			`Hello!`
			`I'm using OSX 10.9 and have installed gpg (and gpg2, if it matters) through`
2013-10-29 23:50:54 +00:00			`homebrew and git-annex through cabal. I also installed`
			`https://github.com/joeyh/git-remote-gcrypt like the UI told me.`
2013-10-29 23:31:31 +00:00
2013-10-29 23:50:54 +00:00			`Whenever I'm trying to add an encrypted remote through the web UI I get a`
2013-10-29 23:31:31 +00:00			`lot of "You need a passphrase to unlock the secret key for user:" on stdout`
2013-10-30 01:13:28 +00:00			`and, obviously, I can't enter my passphrase (If I could I wouldn't make this`
			`post to begin with :))`
2013-10-29 23:32:05 +00:00			`Is this behavior normal? What should I do to work around it?`
2013-10-30 01:12:21 +00:00			`I did also try to not use the web UI by using this command:`
			`git annex initremote rsync.net type=gcrypt gitrepo=user@host:directory encryption=pubkey keyid=X`

2013-10-30 01:10:06 +00:00			`Because of this I can't copy files to my remotes. All I get is:`
			`-----`
2013-10-30 01:14:53 +00:00			`$ git annex copy --to rsync.net`
			`copy MySecretFile (gpg)`
2013-10-30 01:10:06 +00:00			`You need a passphrase to unlock the secret key for`
			`user: "user"`
			`4096-bit RSA key, ID X, created 2013-10-01 (main key ID Y)`

			`(checking rsync.net...) (to rsync.net...) gpg: no valid addressees`
			`gpg: [stdin]: encryption failed: No user ID`
			`failed`
			`-----`
2013-10-29 23:31:31 +00:00
			`Yes, I am using gpg-agent. When other applications ask for my passphrase I get`
2013-10-29 23:42:14 +00:00			`the pinentry dialog from GPGTools, just like I've configured it in`
			`~/.gnupg/gpg-agent.conf, but this isn't the case with git-annex.`
2013-10-30 01:57:17 +00:00
			If I remove GPGTools from /usr/local/bin with: ``brew link --overwrite gnupg &&
			`brew link --overwrite gnupg2'' it works slightly better.`
			`I get that pinentry dialog I want but when I do a copy I get:`
			`-----`
			`$ git annex copy --to rsync.net`
			`copy MySecretFile (gpg) (checking rsync.net...) (to rsync.net...) gpg: no valid addressees`
			`gpg: [stdin]: encryption failed: no such user id`
			`failed`
			`-----`
2013-10-30 02:07:58 +00:00
			`--debug shows me it is executing gpg llke so:`
			`-----`
			`gpg ["--batch","--no-tty","--use-agent","--quiet","--trust-model","always","--batch","--encrypt","--no-encrypt-to","--no-default-recipient","--force-mdc","--no-textmode"]`
			`-----`