Like the title says, I upgraded my nixos-unstable after 3 weeks and now gpg -d foo.gpg tells me:
gpg: public key decryption failed: No pinentry
gpg: decryption failed: No secret key
Did anything change with regards to gpg or pinentry?
pinentry has been disabled by default. The commit includes a release note saying
GnuPG is now built without support for a graphical passphrase entry by default. Please enable the
gpg-agentuser service via the NixOS optionprograms.gnupg.agent.enable. Note that upstream recommends usinggpg-agentand will spawn agpg-agenton the first invocation of GnuPG anyway.
3 Likes
This doesn’t change anything for me, despite of programs.gnupg.agent.enables value, I get the pinentry error.
this worked after reboot
1 Like
Just installed nixos and for me it has never worked.
The problem appears to be that no matter what I say in configuration.nix, the gpg-agent ignores my ~/.gnupg/gnupg-agent.conf and only looks for the pinentry in the same store path where gpg itself resides.
Which renders me completely unable to get any prompt (no matter whether it’s graphical or tty).
A workaround was to disable gpg-agent system wide and manually start the agent with everything user-installed (i.e. pinentry and gnupg)