Hi there,

I am using KMail 1.12.2 and I tried to import existing key using the following methods:

1. Open Tools > Configure KMail, goto Identities and select the profile, click Modify.

2. Under Cryptography tab, under OpenPGP signed key select the key available in the system (existed), same goes to OpenPGP encryption key.

3. Click OK to exit Identities page. Now goto Security > Compose, tick everything under Encryption section except "Automatically encrypt message..."

4. Goto Crypto Backend, check OpenPGP.

5. Click OK to exist configuration.

When I compose New Email and click Sign button the header became green. But when I send it out, i got a message of "Bad Passphrase". The strange thing is KMail did not prompt me to enter any key passphrase.

What went wrong? Any missing packages I did not installed?

Note: Previously during Gnome session with Evolution, it was working perfectly.

Do you have the pinentry and pinentry-qt packages installed?

I had
- pinentry-qt4
- pinentry-gtk2

installed. but pinentry-qt not installed. Should I include that for KDE 4.3.2 also?

Do you have gpg-agent defined? My gpg-agent.conf has these lines

pinentry-program /usr/bin/pinentry-qt
default-cache-ttl 3600
allow-mark-trusted
debug-level basic
log-file socket:///home/anne/.gnupg/log-socket

annew wrote:Do you have gpg-agent defined? My gpg-agent.conf has these lines

pinentry-program /usr/bin/pinentry-qt
default-cache-ttl 3600
allow-mark-trusted
debug-level basic
log-file socket:///home/anne/.gnupg/log-socket

Nope. I don't have that config file. What should I do now? Create that file similar like yours? Location? Or any other packages i need to install?

many thanks

OK. I assume that your install of gpg has created ~/.gnupg, and that it contains gpg.conf, your public and private keyrings and trust database. Put the lines I gave you, edited to your own system, of course, into a text file called gpg-agent.conf, in that directory.

Then comes the tricky bit. You have to start gpg-agent, which as a one-off can be done from the command line, but is normally done during startup scripts. What makes it tricky is that different distros do this in different ways. On CentOS it's done by a file in ~/.kde/env/ called gpg-agent-startup.sh. In Fedora the name is the same, but it's in /etc.kde.env/. Anyway, you should be able to find the file in your system. Once it has that config file that you are going to create it should run, testing for a running gpg-agent and starting one if none exists.

From the command-line, I can't remember exactly, but the command is something like

eval gpg-agent -s --daemon

but you won't normally need to do this, other than this first, testing, start. Hope that helps.

annew wrote:OK. I assume that your install of gpg has created ~/.gnupg, and that it contains gpg.conf, your public and private keyrings and trust database. Put the lines I gave you, edited to your own system, of course, into a text file called gpg-agent.conf, in that directory.

Then comes the tricky bit. You have to start gpg-agent, which as a one-off can be done from the command line, but is normally done during startup scripts. What makes it tricky is that different distros do this in different ways. On CentOS it's done by a file in ~/.kde/env/ called gpg-agent-startup.sh. In Fedora the name is the same, but it's in /etc.kde.env/. Anyway, you should be able to find the file in your system. Once it has that config file that you are going to create it should run, testing for a running gpg-agent and starting one if none exists.

From the command-line, I can't remember exactly, but the command is something like

eval gpg-agent -s --daemon

but you won't normally need to do this, other than this first, testing, start. Hope that helps.

Thanks for the heads up. I had checked that my gpg is running with gpg --list-keys as well as my gpg-agent daemon is running using ps -eaf | grep gpg

Now I had created the gpg-agent.conf earlier and tonight i am going to do a reboot and try with a new signed email to verify.

repair1 wrote:1. You're going to need the gpg program. It's already being installed by default.

2. Create your own key (type this as yourself, not root): gpg --gen-key Follow the instruction, it's very clear and easy.

3. Check that it's already created:

gpg --list-key

Thanks I am following.

annew wrote:OK. I assume that your install of gpg has created ~/.gnupg, and that it contains gpg.conf, your public and private keyrings and trust database. Put the lines I gave you, edited to your own system, of course, into a text file called gpg-agent.conf, in that directory.

Then comes the tricky bit. You have to start gpg-agent, which as a one-off can be done from the command line, but is normally done during startup scripts. What makes it tricky is that different distros do this in different ways. On CentOS it's done by a file in ~/.kde/env/ called gpg-agent-startup.sh. In Fedora the name is the same, but it's in /etc.kde.env/. Anyway, you should be able to find the file in your system. Once it has that config file that you are going to create it should run, testing for a running gpg-agent and starting one if none exists.

From the command-line, I can't remember exactly, but the command is something like

eval gpg-agent -s --daemon

but you won't normally need to do this, other than this first, testing, start. Hope that helps.

Ok i had tried the command this is my output:

~$ eval gpg-agent -s --daemon
can't connect to `/home/david/.gnupg/log-socket': No such file or directory
GPG_AGENT_INFO=/tmp/gpg-vCXgHT/S.gpg-agent:2455:1; export GPG_AGENT_INFO;

am i missing anything?

Ok i had found the answer by referring to this URL http://developer.gauner.org/kmail-pgpmime/index.en.html

The only difference is I have to change the path of /usr/bin/pinentry-qt to /usr/bin/pinentry-qt4

of course there are some missing packages I did not installed including kpgp, gpgsm, kleopatra and their dependent packages.

so i consider this topic resolved.

Glad you got it sorted