GnuPG 2.2 refuses secret key import: "error sending to agent: operation cancelled"

Question

I'm trying to import my PGP identity including secret keys to a new computer by connecting to a computer which has the secret key, and running

ssh othercomputer cat myself.gpg | gpg2 --import

When doing this, it looks like GPG is importing the public keys, but not the private ones. When examining the output closer, I can see that it says "error sending to agent: operation cancelled" which I assume has something to do with the problem.

I have

tried specifying a pinentry-program in gpg-agent.conf;
restarted gpg-agent and triple-checked it is running; and
verified that the versions of gpg-agent and gpg match.

kqr · Accepted Answer · 2018-01-18 14:38:39Z

2

The issue – I think – is that GnuPG detects that it is running in a pipe, i.e. in a non-interactive shell. Since non-interactive means there's no user interacting with it, there is little point in showing a pinentry dialog – at least in most cases.

The easiest solution is to store myself.gpg on the local drive and then import it in a separate command. I understand this solution may have some repercussions in terms of privacy and secrecy, so do understand the consequences of this choice before you blindly follow advice.

answered Jan 18, 2018 at 14:38

kqr

1891 silver badge6 bronze badges

A similar issue occurs when trying to import password-protected private key via pipe from paperkey.
– elquimista
Commented Nov 12, 2018 at 18:21
2

@kqr that is true, and the solution is to use a text-based pinentry, like pinentry-curses. You might have it already installed, but another pinentry program is the default one. On Debian you can sudo update-alternatives --config pinentry to set the ncurses version as default. This is usually a symlink from /usr/bin/pinentry -> /etc/alternatives/pinentry -> /usr/bin/pinentry-curses.
– goetz
Commented Jan 6, 2019 at 18:54
1

@goetzc Thanks, this helped me out today!
– Mark LeMoine
Commented Apr 4, 2019 at 18:00

Add a comment |

Deathgrip · Accepted Answer · 2021-07-23 21:48:11Z

0

Set pinentry-mode on the command line or in the ~/.gnupg/gpg.conf file.

--pinentry-mode loopback

or just

pinentry-mode loopback in the config file.

answered Jul 23, 2021 at 21:48

Deathgrip

1092 bronze badges

Add a comment |

Flavius Burca · Accepted Answer · 2021-08-30 05:36:04Z

-1

Adding pinentry-mode loopback in the ~/.gnupg/gpg.conf file works for Ubuntu 20.04

answered Aug 30, 2021 at 5:36

Flavius Burca

1

Add a comment |

Stack Exchange Network

GnuPG 2.2 refuses secret key import: "error sending to agent: operation cancelled"

3 Answers 3

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged
gnupg
import
gpg-agent
.

Hot Network Questions

GnuPG 2.2 refuses secret key import: "error sending to agent: operation cancelled"

3 Answers 3

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged gnupgimportgpg-agent.

Related

Hot Network Questions

Not the answer you're looking for? Browse other questions tagged
gnupg
import
gpg-agent
.