gpg: can't connect to the agent: IPC connect call failed

12 Jan 2016 in TIL

This was a fun one to solve.

I keep my GPG keys on a vFat USB drive as I don't want to keep a copy on every machine that I use. Previously, I used Ubuntu and it worked fine as GPG used gnome-keyring to manage the keys. After upgrading to Arch however, I needed to run gpg-agent myself.

The error looked something like this:

bash
$ gpg --decrypt some-file
gpg: DBG: locking for '/home/michael/.gnupg/gnupg_spawn_agent_sentinel.lock' done via O_EXCL
gpg: can't connect to the agent: IPC connect call failed
gpg: encrypted with 2048-bit RSA key, ID 5C14441F, created 2014-08-19
"Michael Heap <[email protected]>"
gpg: decryption failed: No secret key

I thought "that's fine, I'll start GPG agent"

bash
$ gpg-agent --daemon
gpg-agent[12228]: error binding socket to '/home/michael/.gnupg/S.gpg-agent': Operation not permitted

This is because S.gpg-agent is a socket and you can't create sockets on vFat devices. Previously we could have used the --no-use-standard-socket option, but that was removed in gnupg v2.

The solution is to create a redirection file in ~/.gnupg/S.gpg-agent

bash
$ printf '%%Assuan%%\nsocket=/dev/shm/S.gpg-agent\n' > ~/.gnupg/S.gpg-agent

It should look like this:

bash
$ cat .gnupg/S.gpg-agent
%Assuan%
socket=/dev/shm/S.gpg-agent

Now if we run gpg-connect-agent to test it should come up fine