Enigmail cannot communicate with gpg-agent

email encryption thunderbird gnupg enigmail

5,949

Solution 1

While the answer of thisthatother only shows how to solve it on a Debian system, the approach is the same:

Downgrading.

Since Enigmail released version 1.9 on February the 23rd and the problems started from that day on, the only three solutions are:

Wait for Enigmail to sort things out and install their update to the 1.9.x and stop using encryption until they provide the update
Dig around and solve the problem yourself (which not everyone is capable of doing due to limited knowledge of the underlying software architecture)
Downgrade to 1.8.2, then wait for Enigmail to sort things out and upgrade to a 1.9.x that solves the error that occured with 1.9.

I can't help with 1 or 2, but with number 3:

Download Enigmail 1.8.2, which is the latest pre-1.9 version that didn't introduce the error
Uninstall Enigmail 1.9 through the Thunderbird Add-ons menu
From within that same menu, manually install the downloaded 1.8.2 file by clicking on the Add-ons configuration button at the top of the Thunderbird Add-ons page, left from the search text entry field
Restart Thunderbird

It should now work as before the update to Enigmail 1.9.

I would suggest to disable automatic updates for Enigmail until this bug introduced in 1.9 has been sorted out. You can disable them by clicking on the "more" Link that's in the description text of the Enigmail extension in the Thunderbird Add-ons page.

Solution 2

Thanks so much for everyone's detailed input on this issue.

I have a similar problem since my system updated to Enigmail 1.9 on Feb 25. I fixed the problem by uninstalling Enigmail 1.9 and switching to 1.8.

For me, this was easy since I use Debian 8 and I simply uninstalled Enigmail as a standalone addon and replaced it with the debian main repo's rendition of Enigmail (which, some research shows, happens to be version 1.8.2). Shrug. Have had no problems since that change. I hope that's useful to others and thanks again for putting me on the right track to solving the issue.

Solution 3

No need to downgrade enigmail plugin :

List item
Ubuntu 16.04
Thunderbird 45.2.0
Enigmail 1.9.5
gpg (GnuPG) 1.4.20

In a terminal :

killall gpg-agent
export GPG_TTY=$(tty)
gpg-agent --daemon /bin/bash

( --use-standard-socket is obsolete)

No need to restart Thunderbird.

Solution 4

I had the same problem in the sense that Enigmail suddenly threw this error message on every operation after having worked for many months. Disabling the GPG Password Agent component of GNOME Keyring resolved this issue for me – Enigmail then uses the “original” gpg-agent with a pinentry program (instead of the GNOME Keyring passphrase prompt) and everything works without issues.

I disabled the GNOME Keyring GPG password component using the default Ubuntu “Startup Applications” program:

You said that you did try to disable GNOME Keyring and that you were using GNOME Shell. Perhaps that did not work correctly? You could try using the same steps I have (Startup Applications/Unity) and see if that changes anything.

It seems that this issue was caused by a recent update in Enigmail (version 1.9 was released on February 23, 2016) since earlier, it could be used with GNOME Keyring without generating this error. The fact that disabling GNOME Keyring resolves the issue (and the timing) suggests that Enigmail bug #575 is related.

View more solutions

5,949

code_dredd

I've basically moved most of what I do, under a different name, over to:

Updated on September 18, 2022

Comments

code_dredd over 1 year
Update

As of Ubuntu 16.04, the plug-in works as expected and there's no need to downgrade as suggested in the accepted answer. The question was applicable to Ubuntu 15.04 and, maybe, 15.10.

Original Post

I've been using Thunderbird + Enigmail for years. I'm currently using Thunderbird 38.5.1, Enigmail version 1.9 (20160223-1641), and GPG 2.0.26 in my work PC (Ubuntu 15.04 64-bit, w/ Gnome Shell).

A few days ago, after 1yr+ of operation, Enigmail suddenly started complaining with the following error whenever I try to send a signed or encrypted email:

GnuPG reported an error in the communication with gpg-agent (a component of GnuPG).

This is a system setup or configuration error that prevents Enigmail from working properly and cannot be fixed automatically.

We strongly recommend that you consult our support web site at https://enigmail.net/faq.

I've gone through the FAQ page and tried several things, but I've not yet been able to fix the problem.

The pinentry command works fine, and shows the pinentry-qt4 window (i.e. not text-based):
```
pinentry <<EOT
SETDESC Hello World
CONFIRM
EOT
```
However, the gpg-agent-connect command fails:
```
gpg-connect-agent <<EOT
heredoc> GETINFO version
heredoc> EOT
ERR 280 not implemented
```
I've tried disabling the gnome keyring as suggested, but it doesn't work either. (Yes, I did restart the system in-between, but I also want to keep the keyring enabled as usual.) I also tried exporting and re-importing my Enigmail settings (i.e. renaming $HOME/.gnupg/ to something else in the meantime), but that did not work either.

Oddly enough, when I start the gpg-agent manually from the shell, and then start Thunderbird, it seems to be communicating with the gpg-agent, as shown below:
```
gpg-agent --debug-level expert --use-standard-socket --daemon /bin/sh
gpg-agent[6469]: enabled debug flags: command cache assuan
gpg-agent[6469]: directory `/home/ray/.gnupg' created
gpg-agent[6469]: directory `/home/ray/.gnupg/private-keys-v1.d' created
gpg-agent[6469]: listening on socket `/home/ray/.gnupg/S.gpg-agent'
gpg-agent[6470]: gpg-agent (GnuPG) 2.0.26 started
#
# Thunderbird started at this point
#
$ gpg-agent[6470]: handler 0x558fd8c23cf0 for fd 7 started
gpg-agent[6470]: chan_7 -> OK Pleased to meet you, process 6470
gpg-agent[6470]: chan_6 <- OK Pleased to meet you, process 6470
gpg-agent[6470]: chan_6 -> GETINFO pid
gpg-agent[6470]: chan_7 <- GETINFO pid
gpg-agent[6470]: chan_7 -> D 6470
gpg-agent[6470]: chan_7 -> OK
gpg-agent[6470]: chan_6 <- D 6470
gpg-agent[6470]: chan_6 <- OK
gpg-agent[6470]: chan_6 -> BYE
gpg-agent[6470]: chan_7 <- BYE
gpg-agent[6470]: chan_7 -> OK closing connection
gpg-agent[6470]: handler 0x558fd8c23cf0 for fd 7 terminated
```
I don't see any output if I try to send a signed and/or encrypted email, though. This only shows up when Thunderbird is started.

In addition, I added the /usr/bin/gpg-agent --daemon command as a startup application in the Gnome Startup Applications panel, but it made no difference.

I think I applied a regular update around 2/23, but the issue did not become visible until the system was restarted on 2/24 this week. Unfortunately, I don't remember which packages got updated, but there weren't that many. (I normally keep the system updated.)

Please note that this had been working w/o issues for years or so, until about 2 days ago. (I've also been using this setup in my home desktop PC for 4yrs+ without issues, but my work PC is a laptop, and Ubuntu sometimes does not work as nicely there for unknown reasons...)

When I try to open encrypted emails I've received (or saved drafts, which are also encrypted), I get the same error message about the gpg-agent, but it does decrypt the email message after asking me for my private key pass phrase.

Q: How can I solve this communication error that prevents me from sending signed/encrypted emails?

To consider the problem fixed, the situation needs to go back to working normally without the error messages, etc.

Thanks in advance for any help that you can provide to help fix this problem.

While I was writing this post, I noticed the following message from the gpg-agent daemon in the terminal:
```
# ...from previous output above
gpg-agent[6470]: chan_7 -> OK closing connection
gpg-agent[6470]: handler 0x558fd8c23cf0 for fd 7 terminated
#
# new/unexpected error message from agent
#
gpg-agent[6470]: can't connect my own socket: IPC connect call failed
gpg-agent[6470]: this process is useless - shutting down
gpg-agent[6470]: gpg-agent (GnuPG) 2.0.26 stopped
```
This showed up unexpectedly, as I didn't ask Thunderbird to do anything in particular in the meantime.

I updated from 15.04 -> 15.10 -> 16.04 and can confirm that Thunderbird 38.6 + Enigmail 1.9.1 are working normally for me. The output of the commands is also what they should be:
```
➜  ~ pinentry <<EOT
heredoc> SETDESC Hello World
heredoc> CONFIRM
heredoc> EOT
OK Pleased to meet you
OK
OK
➜  ~ gpg-connect-agent <<EOT
heredoc> GETINFO version
heredoc> EOT
D 2.1.11
OK
```
thisthatother about 8 years

thanks to previous posters for the detailed info that helped me figure out a solution to my particular case. i hope it works out for others as well
code_dredd about 8 years

I was able to dig a bit more into this yesterday. I did find that the ERROR hijack message shows up in the log. I had tried disabling the same option you had there already, but the issue is that when I did that, then then it never gets to talk to gpg-agent because the pinentry prompt for the pass-phrase never shows up (i.e. I get a different error message prior to any communication attempt with gpg-agent). I'll give another go at this when I get back to work tomorrow.
code_dredd about 8 years

Interesting find. However, I'm not using Debian, and while a Debian-specific solution might work for just a few, having a more general solution is preferable.
Socob about 8 years

Well, this should work in any case – one would just need to get one’s hands on an older version of Enigmail (I don’t think there should be any comptatibility issues with .xpi files).
Socob about 8 years

I think you mean “I can't help with 1 or 2, but with number 3”.
code_dredd about 8 years

@Bran: Note that after switching Enigmail versions you may get an error message about your key not being found or being "expired", even after restarting Thunderbird. I actually had to fully restart my PC to get around that. For better or worse, this seems like the only practical solution at this time. Instead of breaking their software, they should've given the user an option to choose what to do (e.g. allow interaction through gnome keyring)
code_dredd about 8 years

Actual message: Enigmail Key ... not found or not valid. The (sub-)key might have expired.
Socob about 8 years

Well, since a bug report was created by one of the maintainers about this very shortly after release, it doesn’t seem to be an intentional change. Strangely, the bug report in question has been deleted now, though...
Matthias about 8 years

This workaround fixes the issue for me too. No problems since.
Matthias about 8 years

The approach of @thisthatother works for ubuntu too, see packages.ubuntu.com/search?keywords=enigmail ... Ubuntu provides enigmail as apckage with version 1.8.2 currently for all ubuntu versions.
xuhdev about 8 years

The Enigmail bug link is broken...
Socob about 8 years

@xuhdev Yes, the bug was removed shortly after creation. I have no idea why, though.
code_dredd about 8 years

I just updated 15.04 -> 16.04 and can confirm that Thunderbird 38.6 + Enigmail 1.9.1 are working normally for me.
code_dredd over 7 years

True. I had stated there was no need to downgrade as a comment, but I've updated the post to make it very visible.