
gpg key generation failure
Closed, Wontfix (Public)


My gpg key generation is failing on macOS

➜  ~ gpg --status-fd 1 --gen-key
gpg (GnuPG/MacGPG2) 2.2.27; Copyright (C) 2021 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: failed to create temporary file '/Users/abc/.gnupg/.#lk0x00007fee7d606480.IT/01/1.914': No such file or directory
gpg: keyblock resource '/Users/abc/.gnupg/pubring.kbx': No such file or directory
[GNUPG:] ERROR add_keyblock_resource 33587281
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: abcdef
Email address:
You selected this USER-ID:
    "abcdef <>"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: failed to create temporary file '/Users/abc/.gnupg/.#lk0x00007fee7d40ad20.IT/01/1.914': No such file or directory
gpg: can't connect to the agent: No such file or directory
gpg: agent_genkey failed: No agent running
Key generation failed: No agent running
[GNUPG:] ERROR key_generate 33554509

I suspect it's because of forward slashes in my hostname. However, I can't change the hostname as of now; is there any alternative for key generation? Also, I tried importing a key, which also fails with the same error about not being able to create the lock file.



Event Timeline

werner added a subscriber: werner.

Sorry, a hostname with a slash is simply not allowed by IETF standards. Given that the hostname is part of temporary file names, you will run into an error. Yes, we could remap the slash in the mktemp function, but there are a lot of other places where the hostname is used and certain properties are expected.

Why the hell does macOS allow invalid characters in the hostname?

Currently, I am using the --lock-never config option to avoid generating the lock file, as a workaround.

werner claimed this task.
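
An added example, not part of the original thread and not GnuPG code: a shell pre-flight check that tests a hostname against the letters, digits and hyphen rule (RFC 952 / RFC 1123) and shows which directory a lock file name of the shape seen in the error output above would land in. The function names, the placeholder pointer value `0x0` and the inferred name layout `.#lk<pointer>.<hostname>.<pid>` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Assumption (inferred from the error message on this page):
# the lock file is named  <homedir>/.#lk<pointer>.<hostname>.<pid>

# Return 0 if $1 is made of dot-separated labels containing only letters,
# digits and hyphens, 1-63 characters each, not starting or ending with '-'.
is_valid_hostname() {
    local name="$1" label
    [ -n "$name" ] || return 1
    case $name in
        *[!A-Za-z0-9.-]*) return 1 ;;   # any other character, '/' included
        .*|*.|*..*)       return 1 ;;   # empty label
    esac
    local IFS=.
    for label in $name; do
        [ "${#label}" -le 63 ] || return 1
        case $label in
            -*|*-) return 1 ;;
        esac
    done
    return 0
}

# Build a lock file path in the shape shown in the error message and print
# the directory that must already exist for the file to be created.
lock_parent_dir() {
    local home="$1" host="$2" pid="$3"
    local path="$home/.#lk0x0.$host.$pid"   # 0x0 is a placeholder pointer value
    printf '%s\n' "${path%/*}"
}

# Report whether lock files can be created for this hostname.
# $1 = hostname, $2 = GnuPG home directory (defaults to GNUPGHOME or ~/.gnupg).
check_host() {
    local host="$1" home="${2:-${GNUPGHOME:-$HOME/.gnupg}}"
    if is_valid_hostname "$host"; then
        echo "ok: '$host' is a valid hostname"
        return 0
    fi
    echo "invalid hostname '$host'"
    echo "lock file would be placed in: $(lock_parent_dir "$home" "$host" "$$")"
    return 1
}

# Usage: check_host "$(uname -n)"
```

For the hostname that appears in the error path above, the check reports a parent directory below `~/.gnupg` that does not exist, which matches the "No such file or directory" failure.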