gpg: can't connect to the agent: IPC connect call failed

This was a fun one to solve.

I keep my GPG keys on a vFat USB drive as I don’t want to keep a copy on every machine that I use. Previously, I used Ubuntu and it worked fine as GPG used gnome-keyring to manage the keys. After upgrading to Arch however, I needed to run gpg-agent myself.

The error looked something like this:

$ gpg --decrypt some-file
gpg: DBG: locking for '/home/michael/.gnupg/gnupg_spawn_agent_sentinel.lock' done via O_EXCL
gpg: can't connect to the agent: IPC connect call failed
gpg: encrypted with 2048-bit RSA key, ID 5C14441F, created 2014-08-19
        "Michael Heap <[email protected]>"
gpg: decryption failed: No secret key

I thought “that’s fine, I’ll start GPG agent”

$ gpg-agent --daemon

gpg-agent[12228]: error binding socket to '/home/michael/.gnupg/S.gpg-agent': Operation not permitted

This is because S.gpg-agent is a socket and you can’t create sockets on vFat devices. Previously we could have used the --no-use-standard-socket option, but that was removed in gnupg v2.

The solution is to create a redirection file in ~/.gnupg/S.gpg-agent

$ printf '%%Assuan%%\nsocket=/dev/shm/S.gpg-agent\n' > ~/.gnupg/S.gpg-agent

It should look like this:

$ cat .gnupg/S.gpg-agent

%Assuan%
socket=/dev/shm/S.gpg-agent

Now if we run gpg-connect-agent to test it should come up fine


Published:
January 12, 2016

Category
Quick Fix