https://bugs.kde.org/show_bug.cgi?id=458085
michaelk83 <mk.mat...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|UPSTREAM |---
--- Comment #36 from michaelk83 <mk.mat...@gmail.com> ---
Reopening because the fix should ideally be automated by KWallet when setting
up a GPG wallet, or at least properly documented.
To summarize:
This affects GPG wallets with Secret Service enabled. By default, GPG tries to
retrieve the key passphrase from Secret Service. If Secret Service is provided
by KWallet, this creates a dependency cycle, which prevents the wallet from
unlocking. There are three ways to break the cycle:
- Option A (recommended): To prevent GPG from trying to retrieve the passphrase
from Secret Service, add the `no-allow-external-cache` option to
`~/.gnupg/gpg-agent.conf`. You can either edit the file manually, or run: `echo
no-allow-external-cache:0:1 | gpgconf --change-options gpg-agent`. GPG will
prompt the user directly when the key passphrase is needed for the first time.
- Option B: Disable the Secret Service API support in KWallet settings. You may
use a different Secret Service provider if desired.
- Option C: Do not use a GPG wallet (downgrade to a traditional blowfish
wallet).
--
You are receiving this mail because:
You are watching all bug changes.
