This was a fun one to solve.
I keep my GPG keys on a vFat USB drive as I don't want to keep a copy on every machine that I use. Previously, I used Ubuntu and it worked fine as GPG used
gnome-keyring to manage the keys. After upgrading to Arch however, I needed to run
The error looked something like this:
$ gpg --decrypt some-filegpg: DBG: locking for '/home/michael/.gnupg/gnupg_spawn_agent_sentinel.lock' done via O_EXCLgpg: can't connect to the agent: IPC connect call failedgpg: encrypted with 2048-bit RSA key, ID 5C14441F, created 2014-08-19"Michael Heap <[email protected]>"gpg: decryption failed: No secret key
I thought "that's fine, I'll start GPG agent"
$ gpg-agent --daemongpg-agent: error binding socket to '/home/michael/.gnupg/S.gpg-agent': Operation not permitted
This is because
S.gpg-agent is a socket and you can't create sockets on vFat devices. Previously we could have used the
--no-use-standard-socket option, but that was removed in gnupg v2.
The solution is to create a redirection file in
$ printf '%%Assuan%%\nsocket=/dev/shm/S.gpg-agent\n' > ~/.gnupg/S.gpg-agent
It should look like this:
$ cat .gnupg/S.gpg-agent%Assuan%socket=/dev/shm/S.gpg-agent
Now if we run
gpg-connect-agent to test it should come up fine