I know, everybody hates GPG these days (and for good reasons), but I’ve been looking at the Emacs bug database and getting annoyed with all the SMIME etc bugs that aren’t getting fixed, and thought I should do something about it.
I last used GPG in the nineties, and I’ve forgotten everything I possibly could have know about it, so I thought I, as a complete born-again novice, would be in a good position to write a how to set it up, so I started with
rm -r ~/.gnupg
and then
gpg --gen-key
and I then got to
What… century… is… this.
On my laptop, it stayed that way for ten minutes, until it got enough entropy, because /dev/urandom is obviously too insecure.
*sigh*
And then I got:
gpg: agent_genkey failed: No such file or directory Key generation failed: No such file or directory
Which after some Duckgoing is because I removed the .gnupg directory, and the gpg agent doesn’t understand that, and gpg of course didn’t say anything about this until after collecting entropy for ten minutes.
So did I have a gpg agent running?
Err… apparently? About five hundred?
None of the recommended ways of restarting the agent worked (presumably because the .gnupg directory was removed, which makes sense), so I just
pkill gpg-agent
and went through creating the key again, and waited another ten minutes, and then everything was created, even the revocation certificate, which all the recipes on the Interweb says I have to create by hand?
Who knows.
Anyway, then interweb recipes say I should send the key to a key
server, like:
gpg --keyserver gpg.mit.edu --send-keys 29AEBB3
and then gpg helpfully says:
larsi@marnie:~$ gpg --keyserver gpg.mit.edu --send-keys 29AEBB3DDF5E83147CB9EC61EE84A168D288B04F gpg: sending key EE84A168D288B04F to hkp://gpg.mit.edu gpg: keyserver send failed: No name gpg: keyserver send failed: No name
“No name.”
What could that mean? No name? In the key? Didn’t I enter my name there? No, it turns out that the “gpg.mit.edu” domain name doesn’t resolve. Which the error message could have said, you’d think? No?
It’s “pgp.mit.edu”. After which the command apparently works, because there’s no feedback, which is the universal way to say “yes, that worked”, I guess?
OK, now everything is set up, so I just have to figure out how to use it on the Gnus/Message side, I think?
How about if I test with a
C-c C-m C-c
and I get a
…
It worked! I sent an encrypted message! To myself! And Gnus decrypted it automatically, and Emacs used the gpg agent so I didn’t have to type the passphrase a billion times.
Hey, now I’m totally qualified to finally have a look at the SMIME bug reports.
It’s pgp.mit.edu, not gpg.mit.edu – just ran into the same issue, then discovered my typo…
Yeah, every year I have to deal with GPG upon expiration of my keys and also its wierd error messages: “No name!!!” In my case the “–keyserver” hat to appear before “–send-key”, otherwise it would not work. (apparently everything after –sendkey(s) is considered a keyi id).