Enigmail cannot communicate with gpg-agent
Solution 1
While the answer of thisthatother only shows how to solve it on a Debian system, the approach is the same:
Downgrading.
Since Enigmail released version 1.9 on February the 23rd and the problems started from that day on, the only three solutions are:
- Wait for Enigmail to sort things out and install their update to the 1.9.x and stop using encryption until they provide the update
- Dig around and solve the problem yourself (which not everyone is capable of doing due to limited knowledge of the underlying software architecture)
- Downgrade to 1.8.2, then wait for Enigmail to sort things out and upgrade to a 1.9.x that solves the error that occured with 1.9.
I can't help with 1 or 2, but with number 3:
- Download Enigmail 1.8.2, which is the latest pre-1.9 version that didn't introduce the error
- Uninstall Enigmail 1.9 through the Thunderbird Add-ons menu
- From within that same menu, manually install the downloaded 1.8.2 file by clicking on the Add-ons configuration button at the top of the Thunderbird Add-ons page, left from the search text entry field
- Restart Thunderbird
It should now work as before the update to Enigmail 1.9.
I would suggest to disable automatic updates for Enigmail until this bug introduced in 1.9 has been sorted out. You can disable them by clicking on the "more" Link that's in the description text of the Enigmail extension in the Thunderbird Add-ons page.
Solution 2
Thanks so much for everyone's detailed input on this issue.
I have a similar problem since my system updated to Enigmail 1.9 on Feb 25. I fixed the problem by uninstalling Enigmail 1.9 and switching to 1.8.
For me, this was easy since I use Debian 8 and I simply uninstalled Enigmail as a standalone addon and replaced it with the debian main repo's rendition of Enigmail (which, some research shows, happens to be version 1.8.2). Shrug. Have had no problems since that change. I hope that's useful to others and thanks again for putting me on the right track to solving the issue.
Solution 3
No need to downgrade enigmail plugin :
- List item
- Ubuntu 16.04
- Thunderbird 45.2.0
- Enigmail 1.9.5
- gpg (GnuPG) 1.4.20
In a terminal :
killall gpg-agent
export GPG_TTY=$(tty)
gpg-agent --daemon /bin/bash
( --use-standard-socket is obsolete)
No need to restart Thunderbird.
Solution 4
I had the same problem in the sense that Enigmail suddenly threw this error message on every operation after having worked for many months. Disabling the GPG Password Agent component of GNOME Keyring resolved this issue for me – Enigmail then uses the “original” gpg-agent
with a pinentry program (instead of the GNOME Keyring passphrase prompt) and everything works without issues.
I disabled the GNOME Keyring GPG password component using the default Ubuntu “Startup Applications” program:
You said that you did try to disable GNOME Keyring and that you were using GNOME Shell. Perhaps that did not work correctly? You could try using the same steps I have (Startup Applications/Unity) and see if that changes anything.
It seems that this issue was caused by a recent update in Enigmail (version 1.9 was released on February 23, 2016) since earlier, it could be used with GNOME Keyring without generating this error. The fact that disabling GNOME Keyring resolves the issue (and the timing) suggests that Enigmail bug #575 is related.
Related videos on Youtube
code_dredd
I've basically moved most of what I do, under a different name, over to:
Updated on September 18, 2022Comments
-
code_dredd over 1 year
Update
As of Ubuntu 16.04, the plug-in works as expected and there's no need to downgrade as suggested in the accepted answer. The question was applicable to Ubuntu 15.04 and, maybe, 15.10.
Original Post
I've been using Thunderbird + Enigmail for years. I'm currently using Thunderbird 38.5.1, Enigmail version 1.9 (20160223-1641), and GPG 2.0.26 in my work PC (Ubuntu 15.04 64-bit, w/ Gnome Shell).
A few days ago, after 1yr+ of operation, Enigmail suddenly started complaining with the following error whenever I try to send a signed or encrypted email:
GnuPG reported an error in the communication with gpg-agent (a component of GnuPG).
This is a system setup or configuration error that prevents Enigmail from working properly and cannot be fixed automatically.
We strongly recommend that you consult our support web site at https://enigmail.net/faq.
I've gone through the FAQ page and tried several things, but I've not yet been able to fix the problem.
The
pinentry
command works fine, and shows thepinentry-qt4
window (i.e. not text-based):pinentry <<EOT SETDESC Hello World CONFIRM EOT
However, the
gpg-agent-connect
command fails:gpg-connect-agent <<EOT heredoc> GETINFO version heredoc> EOT ERR 280 not implemented
I've tried disabling the gnome keyring as suggested, but it doesn't work either. (Yes, I did restart the system in-between, but I also want to keep the keyring enabled as usual.) I also tried exporting and re-importing my Enigmail settings (i.e. renaming
$HOME/.gnupg/
to something else in the meantime), but that did not work either.Oddly enough, when I start the
gpg-agent
manually from the shell, and then start Thunderbird, it seems to be communicating with thegpg-agent
, as shown below:gpg-agent --debug-level expert --use-standard-socket --daemon /bin/sh gpg-agent[6469]: enabled debug flags: command cache assuan gpg-agent[6469]: directory `/home/ray/.gnupg' created gpg-agent[6469]: directory `/home/ray/.gnupg/private-keys-v1.d' created gpg-agent[6469]: listening on socket `/home/ray/.gnupg/S.gpg-agent' gpg-agent[6470]: gpg-agent (GnuPG) 2.0.26 started # # Thunderbird started at this point # $ gpg-agent[6470]: handler 0x558fd8c23cf0 for fd 7 started gpg-agent[6470]: chan_7 -> OK Pleased to meet you, process 6470 gpg-agent[6470]: chan_6 <- OK Pleased to meet you, process 6470 gpg-agent[6470]: chan_6 -> GETINFO pid gpg-agent[6470]: chan_7 <- GETINFO pid gpg-agent[6470]: chan_7 -> D 6470 gpg-agent[6470]: chan_7 -> OK gpg-agent[6470]: chan_6 <- D 6470 gpg-agent[6470]: chan_6 <- OK gpg-agent[6470]: chan_6 -> BYE gpg-agent[6470]: chan_7 <- BYE gpg-agent[6470]: chan_7 -> OK closing connection gpg-agent[6470]: handler 0x558fd8c23cf0 for fd 7 terminated
I don't see any output if I try to send a signed and/or encrypted email, though. This only shows up when Thunderbird is started.
In addition, I added the
/usr/bin/gpg-agent --daemon
command as a startup application in the Gnome Startup Applications panel, but it made no difference.I think I applied a regular update around 2/23, but the issue did not become visible until the system was restarted on 2/24 this week. Unfortunately, I don't remember which packages got updated, but there weren't that many. (I normally keep the system updated.)
Please note that this had been working w/o issues for years or so, until about 2 days ago. (I've also been using this setup in my home desktop PC for 4yrs+ without issues, but my work PC is a laptop, and Ubuntu sometimes does not work as nicely there for unknown reasons...)
When I try to open encrypted emails I've received (or saved drafts, which are also encrypted), I get the same error message about the
gpg-agent
, but it does decrypt the email message after asking me for my private key pass phrase.Q: How can I solve this communication error that prevents me from sending signed/encrypted emails?
To consider the problem fixed, the situation needs to go back to working normally without the error messages, etc.
Thanks in advance for any help that you can provide to help fix this problem.
While I was writing this post, I noticed the following message from the
gpg-agent
daemon in the terminal:# ...from previous output above gpg-agent[6470]: chan_7 -> OK closing connection gpg-agent[6470]: handler 0x558fd8c23cf0 for fd 7 terminated # # new/unexpected error message from agent # gpg-agent[6470]: can't connect my own socket: IPC connect call failed gpg-agent[6470]: this process is useless - shutting down gpg-agent[6470]: gpg-agent (GnuPG) 2.0.26 stopped
This showed up unexpectedly, as I didn't ask Thunderbird to do anything in particular in the meantime.
I updated from 15.04 -> 15.10 -> 16.04 and can confirm that Thunderbird 38.6 + Enigmail 1.9.1 are working normally for me. The output of the commands is also what they should be:
➜ ~ pinentry <<EOT heredoc> SETDESC Hello World heredoc> CONFIRM heredoc> EOT OK Pleased to meet you OK OK ➜ ~ gpg-connect-agent <<EOT heredoc> GETINFO version heredoc> EOT D 2.1.11 OK
-
thisthatother about 8 yearsthanks to previous posters for the detailed info that helped me figure out a solution to my particular case. i hope it works out for others as well
-
code_dredd about 8 yearsI was able to dig a bit more into this yesterday. I did find that the
ERROR hijack
message shows up in the log. I had tried disabling the same option you had there already, but the issue is that when I did that, then then it never gets to talk togpg-agent
because thepinentry
prompt for the pass-phrase never shows up (i.e. I get a different error message prior to any communication attempt withgpg-agent
). I'll give another go at this when I get back to work tomorrow. -
code_dredd about 8 yearsInteresting find. However, I'm not using Debian, and while a Debian-specific solution might work for just a few, having a more general solution is preferable.
-
Socob about 8 yearsWell, this should work in any case – one would just need to get one’s hands on an older version of Enigmail (I don’t think there should be any comptatibility issues with .xpi files).
-
Socob about 8 yearsI think you mean “I can't help with 1 or 2, but with number 3”.
-
code_dredd about 8 years@Bran: Note that after switching Enigmail versions you may get an error message about your key not being found or being "expired", even after restarting Thunderbird. I actually had to fully restart my PC to get around that. For better or worse, this seems like the only practical solution at this time. Instead of breaking their software, they should've given the user an option to choose what to do (e.g. allow interaction through gnome keyring)
-
code_dredd about 8 yearsActual message:
Enigmail Key ... not found or not valid. The (sub-)key might have expired.
-
Socob about 8 yearsWell, since a bug report was created by one of the maintainers about this very shortly after release, it doesn’t seem to be an intentional change. Strangely, the bug report in question has been deleted now, though...
-
Matthias about 8 yearsThis workaround fixes the issue for me too. No problems since.
-
Matthias about 8 yearsThe approach of @thisthatother works for ubuntu too, see packages.ubuntu.com/search?keywords=enigmail ... Ubuntu provides enigmail as apckage with version 1.8.2 currently for all ubuntu versions.
-
xuhdev about 8 yearsThe Enigmail bug link is broken...
-
Socob about 8 years@xuhdev Yes, the bug was removed shortly after creation. I have no idea why, though.
-
code_dredd about 8 yearsI just updated 15.04 -> 16.04 and can confirm that Thunderbird 38.6 + Enigmail 1.9.1 are working normally for me.
-
code_dredd over 7 yearsTrue. I had stated there was no need to downgrade as a comment, but I've updated the post to make it very visible.