Page MenuHome GnuPG

gpg-agent/pinentry does work on certain ttys (/dev/pts/?)
Closed, ResolvedPublic


gnupg-agent 2.0.14-0kk1 (same problem with 2.0.13) and pinentry 0.7.6-0kk1 on
Debian lenny:

When I want to decrypt or sign mails using mutt (with gpgme) and have no
$DISPLAY variable set (screen, ssh session or just by unsetting DISPLAY) it
usually works.

But then the tty is /dev/pts/0 or /dev/pts/2, pinentry(-curses) does not appear!
I did not find other single-digit pts ttys to verify, but other bug reports
indicate that any /dev/pts/(single-digit) exposes the problem. On other ttys
(e.g. /dev/pts/46 or /110) it works fine on the same system.

Other reports that might have been caused by this problem:



Event Timeline

What pinentry version are you using (qt or another one)?
Did you set the GPG_TTY envvar?

  • Werner Koch via BTS <> [20100317 16:00]:

Werner Koch <> added the comment:

What pinentry version are you using (qt or another one)?

pinentry-qt is called, but since being used without a display, I get
the curses dialog in those cases it works.

Did you set the GPG_TTY envvar?

Yes, in my .bashrc.
(but I had the identical problem in the past without GPG_TTY, too)


Still a problem with gnupg-agent 2.0.14-0kk2 and pinentry (or pinentry-qt in
curses mode because of unset $DISPLAY) 0.7.6-0kk1 on Debian lenny:
Does not work on /dev/pts/7, works on /dev/pts/72

Just had the problem on /dev/pts/9 while no problems since 2010-07-29 (because I
usually start mutt in a certain screen window where I made sure that it has a
high-enough tty number)

If in the same terminal (screen window) I export GPG_AGENT_INFO to a different
gpg agent which has access to a $DISPLAY (mutt still without $DISPLAY),
pinentry-qt opens and works fine.

Today I just had the problem again (/dev/pts/9, still same verisons as in T1203 (thomas on Jul 29 2010, 03:35 PM / Roundup))

Sounds good. I'll test it as soon as we have a kk package for the next release.

STABLE-BRANCH-2-0 344d72b
has the fix. Patch below.

  • a/common/session-env.c

+++ b/common/session-env.c
@@ -183,10 +183,11 @@ update_var (session_env_t se, const char *string, size_t

else if (!strncmp (se->array[idx]->name, string, namelen)
         && strlen (se->array[idx]->name) == namelen)
  • /* Check if the value is the same; no need to update it,
  • except for updating the default flag. */ if (strlen (se->array[idx]->value) == valuelen) {

+ /* The new value has the same length. We can update it
+ in-place. */
+ memcpy (se->array[idx]->value, value, valuelen);

  se->array[idx]->is_default = !!set_default;
  return 0;

the stable 2.0 version (currently version 2.0.16) is known as STABLE-BRANCH-2.0;
the stable 1.4 version of GnuPG (1.4.11) is known under as STABLE-BRANCH-2.0.
I guess I should look at the first of the two :)

Bernhard, can someone provide patched kk binaries?

oops. Website fixed. The branch names are
Note the dashs. We don't use a dot because the names date back to CVS and that
does not allow a dot in the name.

I did not have a chance to test 2.0.17 or the patch yet, but for the archive:
I just have an instance of gpg-agent, which does not allow ttys matching
"/dev/pts/??", i.e. two digits. On three-digit-ttys it works. Maybe the
behaviour depends on the length of tty when the gpg-agent was started first or
something similar.

Anyway, looks like the same problem to me, so no further investigation needed.

Meanwhile even 2.0.18 is out. Closing it.

werner claimed this task.
werner added a project: Too Old.
werner removed a project: Restricted Project.