When I try to use "gpg --gen-key" (v2.1.2 on archlinux) with a user I just created ("backtest"), it works when I open a terminal for that, but not when I'm logged in with another user and then "su -l backtest".
That's what I'm running:
[backtest@server ~]$ echo "pinentry-program /usr/bin/pinentry-curses" >.gnupg/gpg-agent.conf
[backtest@server ~]$ echo RELOADAGENT | gpg-connect-agent
OK
[backtest@server ~]$ GPG_TTY=`tty` gpg --gen-key
and that's what I get:
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: agent_genkey failed: Operation cancelled
Key generation failed: Operation cancelled
maybe this is relevant, but the pinentry is done in a kind of a dialog, like this image: http://www.soum.co.jp/misc/_images/gpg-agent.png – Lem0n – 2015-04-06T04:13:38.177

I'm not sure, but I guess that if it wants to measure mouse movements to generate the random numbers for the key, it needs to talk to the window manager in some special way. su changes the UID of your shell, but your window manager is still running under your UID — and therefore, gpg might not have the necessary privileges to talk directly to the window manager. – Scott – 2015-04-06T05:12:40.400

hm, that makes some sense. But can it detect mouse movements on a "real" local terminal? – Lem0n – 2015-04-06T05:20:35.933