# Thunderbird 2.0 and gpg

## Genetic

Hello,

since the thunderbird 2 upgrade I can't decrypt email encrypted with my public key. Thunderbird/Enigmail gives me the following error message:

 *Quote:*   

> 
> 
> OpenPGP Security Info
> 
> Error - secret key needed to decrypt message
> ...

 

(I replaced the key IDs with ... and changed the email addresses). The second key is mine (the one above the "General error" line. As I'm not familiar with gpg, can someone give me a hint of what's wrong or how to fix it? It worked just fine with Thunderbird 1.x.

Thanks in advance

//Genetic

----------

## IQgryn

You may need to re-emerge enigmail after upgrading thunderbird.

----------

## Genetic

I already did that. I even did an 'emerge -e thunderbird', where the last ebuild is enigmail.

By the way: I also tried gpg --encrypt and gpg --decrypt which worked for my private/public key.

//Genetic

----------

## Genetic

Little addition: I just tried Thunderbird 1.5 and it works...

Do you think it is a bug in Thunderbird 2?

//Genetic

----------

## meadlin

Having the same problems here.  Exist when using the xpi version of enigmail with the mozilla-thunderbird ebuild also.  Note, I'm not using the mozilla-thunderbird-bin ebuild, but enigmail generates the error with the 0.95 ebuild of enigmail as well.

----------

## karnesky

The enigmail in portage with Thunderbird 2 mangles my outgoing PGP/MIME messages.  The XPI version leads to the errors reported previously.  This is on two different boxes (an x86 and an amd64).  Something funny is going on.

Reverting to TB 1.5 fixes everything.

----------

## meadlin

Ok, after uninstalling the XPI, and the ebuild, and the mozilla-thunderbird ebuild...

If you install the mozilla-thunderbird-bin ebuild, then install the XPI version of enigmail, it works, at least for me.

----------

## Skyr

Same problem here, just emerged thunderbird-2.0 (source, not the bin package) and enigmail; as a workaround, I just set up gpg-agent: Emerge app-crypt/pinentry and net-misc/keychain. Put the following in your ~/.gnupg/gpg-agent.conf:

```

pinentry-program usr/bin/pinentry-gtk-2

default-cache-ttl 7200

max-cache-ttl 14400

```

Make sure your gpg-agent is running (and the environment is set properly) - keychain helps you with that. Thunderbird/Enigmail will use the gpg-agent daemon - which in turn will ask for a passphrase when needed.

----------

## grafrotz

i had the same problem in mozilla-thunderbird 2.0.0.0 and enigmail-0.95.0-tb.xpi. (i compiled mozilla-thunderbird from source - emerge - and downloaded the xpi by hand.)

```

...

gpg: Problem mit dem Agenten: Ungültige IPC Antwort

...

gpg: Entschlüsselung mit Public-Key-Verfahren fehlgeschlagen: Allgemeiner Fehler

gpg: Entschlüsselung fehlgeschlagen: Kein geheimer Schlüssel

```

i found that it happens too without mozilla-thunderbird. i saved an email-source-code to a textfile and tried in the console: "gpg email.txt". i received the same errors as in thunderbird. so the problem is in gpg and/or pinentry.

i found that /usr/bin/pinentry-gtk-2 causes the problem.

 :Laughing:  my solution   :Laughing:  is to use another pinentry frontend: nano -w ~/.gnupg/gpg-agent.conf 

```

pinentry-program /usr/bin/pinentry-qt

default-cache-ttl 7200

max-cache-ttl 14400

```

nano -w ~/.gnupg/gpg.conf

```

# Passphrase agent

use-agent

```

first i tried it with 

```

gpg-agent --daemon

and copy&paste the output line to the command line (for example: "GPG_AGENT_INFO=/tmp/gpg-HqVL2H/S.gpg-agent:24323:1; export GPG_AGENT_INFO;")

```

but i noticed that when not starting "gpg-agent --daemon", gpg works too.

it works from the command line "gpg email.txt" and it works too out of thunderbird!

tip: start thunderbird from a console and watch the output.

update: using "pinentry-program /usr/bin/pinentry-curses" in the ~/.gnupg/gpg-agent.conf works too from the command line, but can not be used out of thunderbird (?!)... 

perhaps the easiest solution is:

```

USE="-gtk qt3" emerge app-crypt/pinentry

```

and perhaps the problem is caused by gtk+...

----------

