Setting up GPG for Emacs

I know, everybody hates GPG these days (and for good reasons), but I’ve been looking at the Emacs bug database and getting annoyed with all the SMIME etc bugs that aren’t getting fixed, and thought I should do something about it.

I last used GPG in the nineties, and I’ve forgotten everything I possibly could have known about it, so I thought I, as a complete born-again novice, would be in a good position to write a how-to on setting it up, so I started with

rm -r ~/.gnupg

and then

gpg --gen-key

and I then got to

What… century… is… this.

On my laptop, it stayed that way for ten minutes, until it got enough entropy, because /dev/urandom is obviously too insecure.

*sigh*

And then I got:

gpg: agent_genkey failed: No such file or directory
Key generation failed: No such file or directory

Which after some Duckgoing is because I removed the .gnupg directory, and the gpg agent doesn’t understand that, and gpg of course didn’t say anything about this until after collecting entropy for ten minutes.

So did I have a gpg agent running?

Err… apparently? About five hundred?

None of the recommended ways of restarting the agent worked (presumably because the .gnupg directory was removed, which makes sense), so I just

pkill gpg-agent

and went through creating the key again, and waited another ten minutes, and then everything was created, even the revocation certificate, which all the recipes on the Interweb say I have to create by hand?

Who knows.

Anyway, then interweb recipes say I should send the key to a key server, like:

gpg --keyserver gpg.mit.edu --send-keys 29AEBB3

and then gpg helpfully says:

larsi@marnie:~$ gpg --keyserver gpg.mit.edu --send-keys 29AEBB3DDF5E83147CB9EC61EE84A168D288B04F
gpg: sending key EE84A168D288B04F to hkp://gpg.mit.edu
gpg: keyserver send failed: No name
gpg: keyserver send failed: No name

“No name.”

What could that mean? No name? In the key? Didn’t I enter my name there? No, it turns out that the “gpg.mit.edu” domain name doesn’t resolve. Which the error message could have said, you’d think? No?

It’s “pgp.mit.edu”. After which the command apparently works, because there’s no feedback, which is the universal way to say “yes, that worked”, I guess?

OK, now everything is set up, so I just have to figure out how to use it on the Gnus/Message side, I think?

How about if I test with a

C-c C-m C-c

and I get a

It worked! I sent an encrypted message! To myself! And Gnus decrypted it automatically, and Emacs used the gpg agent so I didn’t have to type the passphrase a billion times.

Hey, now I’m totally qualified to finally have a look at the SMIME bug reports.
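
Two of the failures above (a removed ~/.gnupg with gpg-agent processes still running, and a keyserver name that doesn’t resolve) only surfaced after the entropy wait or as “No name”. The following preflight sketch is an added example, not part of the original post; the function names are hypothetical, and it assumes stat, pgrep and getent are available.

```shell
#!/bin/sh
# Added example: checks to run before `gpg --gen-key` and `--send-keys`.
# Function names are hypothetical helpers, not part of GnuPG.

# Succeeds only if the GnuPG home directory exists and is mode 700
# (gpg warns about unsafe permissions on the homedir otherwise).
check_homedir() {
    dir=$1
    [ -d "$dir" ] || { echo "missing homedir: $dir" >&2; return 1; }
    # GNU stat first, BSD stat as fallback.
    mode=$(stat -c '%a' "$dir" 2>/dev/null || stat -f '%Lp' "$dir")
    [ "$mode" = "700" ] || { echo "homedir mode is $mode, want 700" >&2; return 1; }
}

# Prints the number of gpg-agent processes owned by the current user.
# Prints 0 if pgrep is not installed.
agent_count() {
    pgrep -x -u "$(id -u)" gpg-agent 2>/dev/null | wc -l | tr -d ' '
}

# Succeeds if the keyserver host name resolves, so a typo in the name
# is reported as a name problem rather than as "No name".
check_keyserver() {
    getent hosts "$1" >/dev/null 2>&1 || {
        echo "keyserver name does not resolve: $1" >&2; return 1; }
}

# Runs all checks; returns non-zero if any of them failed.
preflight() {
    dir=$1 host=$2 rc=0
    if ! check_homedir "$dir"; then
        rc=1
        n=$(agent_count)
        # Agents that outlived their homedir are what broke key generation above.
        [ "$n" -gt 0 ] && echo "$n gpg-agent process(es) running without a usable homedir" >&2
    fi
    check_keyserver "$host" || rc=1
    return $rc
}

# Usage: preflight "$HOME/.gnupg" pgp.mit.edu
```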
