Encryption Nightmare - I can't turn it off

Tue Dec 4 20:00:00 GMT 2018

Luckily encryption is not working for me otherwise I never would have
stumbled on to this edge case😉

I have to enter the password from the command line. The GPG output includes
"gpg: gpg-agent is not available in this session".

I'm running Fedora 29, LXDE and kwin as I have been for years. This all
worked fine up until I upgraded to Fedroa 29. I have not spent much time
troubleshooting the proglem but when I setup LXDE to start kgpg on startup
I get this error:
======================================
The use of GnuPG Agent is enabled in GnuPG's configuration file
(~/.gnupg/gpg.conf).
However, the agent does not seem to be running. This could result in
problems with signing/decryption.
Please disable GnuPG Agent from KGpg settings, or fix the agent.
======================================
When I run gpg-agent it responds with:
gpg-agent[14606]: gpg-agent running and available

There may be a version conflict, gpg is 1.4.23, gpg-agent 2.2.9. I've seen
conflicting reports on whether this is a problem or not.

----
Brendan Coupe

----
Brendan Coupe

On Mon, Dec 3, 2018 at 12:49 AM Thomas Baumgart <thb at net-bembel.de> wrote:

> Hi,
>
> hope I am not too late in the discussion. It seems to me you hit a set of
> feature(s) and problem(s) here and in sum they don't make sense.
>
> First off: in case KMyMoney has saved a file as encrypted, it does know
> about it and no matter if you rename or decrypt externally: in case you
> save it (not save as) it will encrypt it if this is possible. This is
> purely a security feature so that you never save a file you think is
> encrypted in un-encrypted form by accident. So much for the feature part.
>
> With 'Save as' you should be able to save your data unencrypted. If that
> is not working for you (I still need to try to duplicate all the stuff you
> have done) then that is the bug part and I need to take care of it.
>
> The real problem is, why decryption does not work from within KMyMoney.
> One more question in that direction: in case you decrypt the file manually
> (I assume you do this using gpg on the command line), do you enter your gpg
> passphrase on the command line or does a window pop up?
>
>
> Regards
>
> Thomas
>
>
> On Montag, 3. Dezember 2018 02:22:55 CET Brendan Coupe wrote:
>
> > Here are the steps I took and the results:
> >
> > Starting with encryption turned off in the XML settings I copied a
> working
> > KMM file that was not encrypted and called it Test.kmy.
> >
> > I turned on encryption in the XML settings. Made a change and saved the
> > file with the same name using Save not Save as. The file did not get
> > encrypted.
> >
> > I then used Save as and used the same file name and it was saved with
> > encryption. At this point KMM could not open the file since it was
> > encrypted (the ultimate problem for another day but not what I'm dealing
> > with here).
> >
> > I decrypted it manually, opened it in KMM (encryption was still off in
> the
> > XML settings). I saved the file and it was encrypted so I could not open
> it
> > in KMM.
> >
> > I manually decrypted it and opened it in KMM. I used Save as to save it
> > with the same name. It still was encrypted.
> >
> > I decrypted it manually, opened it in KMM and used Save as to save it
> with
> > the xml file extension, Test.xml.
> >
> > Test.xml was not encrypted. I opened it and used Save as to save it with
> > the name Test.kmy and it was saved without being encrypted.
> >
> > Long story short if you ever encrypt a file you have to turn off
> > encryption, save it with the xml file extension and then open that file
> and
> > save it with the kmy file extension in order to stop encrypting the file
> > every time you save it.
> >
> > This is not obvious nor ideal.
> >
> > ----
> > Brendan Coupe
> >
> >
> > On Sun, Dec 2, 2018 at 2:11 PM Brendan Coupe <brendan at coupeware.com>
> wrote:
> >
> > > I reread your suggestion and realized I missed one step.
> > >
> > > Assuming my file is named OldMoney.kmy if I save as NewMoney.kmy it's
> > > encrypted.
> > >
> > > If I create a new file named NewMoney.kmy it's not encrypted. If I
> > > then open OldMoney.kmy and save as NewMoney.kmy it's encrypted.
> > >
> > > If I open OldMoney.kmy and Save as either OldMoney.xml or NewMoney.xml
> > > it is not encrypted.
> > >
> > > The dialog box asking it I want to encrypt the file never pops up.
> > >
> > > I was about to hit send when I decided to try something else. When I
> > > opened what I expected to be the encrypted MyMoney.kmy file it was not
> > > encrypted. I made a change and saved it and it's still not encrypted.
> > >
> > > Maybe saving it as OldMoney.xml fixed the problem???? I will try to
> > > reproduce the steps that would prove this later today.
> > >
> > > Something is definitely wrong/weird.
> > >
> > > ----
> > > Brendan Coupe
> > > On Sun, Dec 2, 2018 at 1:41 PM Jack <ostroffjh at users.sourceforge.net>
> > > wrote:
> > > >
> > > > Another wild thought.  Rename your old file (unencrypted) to the name
> > > > of the one you newly created and see if it still encrypts it while
> > > > saving.
> > > >
> > > > Also - when you did "Save as....", after choosing XML as storage
> type,
> > > > don't you get a dialog asking about which encryption key to use?  One
> > > > of the choices on that top dropdown should be not to use any key -
> thus
> > > > no encryption.
> > > >
> > > > On 2018.12.02 15:28, Brendan Coupe wrote:
> > > > > I already tried that and the new file is also encrypted.
> > > > >
> > > > > If I create a new file instead of using Save as on my existing file
> > > > > the file is not encrypted, I can gunzip it and I get plain text.
> > > > >
> > > > > I forgot to mention that I've had this problem on botht he old
> > > > > upgraded F29 computer and the clean install. I have removed the KMM
> > > > > config files and let new ones be created and still have the
> problem.
> > > > >
> > > > > ----
> > > > > Brendan Coupe
> > > > >
> > > > > On Sun, Dec 2, 2018 at 12:50 PM Jack
> > > > > <ostroffjh at users.sourceforge.net> wrote:
> > > > > >
> > > > > > On 2018.12.02 14:10, Brendan Coupe wrote:
> > > > > > > When I moved to 5.0 encryption no longer worked for me. I
> stopped
> > > > > > > encrypting my file and decided to wait since the developers
> were
> > > > > > > working on many issues at the time and I could get around it
> for
> > > > > the
> > > > > > > time being. At the time I was concerned that something in my
> > > > > system
> > > > > > > was preventing me from opening an encrypted file, it was not
> > > > > > > necessarily a KMM issue.
> > > > > > >
> > > > > > > Last week I decided to try encrypting my file to see if it
> > > > > worked. I
> > > > > > > have the old system which has been updated from Fedora 28 to
> > > > > Fedora
> > > > > > > 29. I also have a brand new Fedora 29 system.
> > > > > > >
> > > > > > > Encryption works fine. When I try to open the encrypted file
> with
> > > > > KMM
> > > > > > > it fails just like it did before. The error is: "Cannot open
> file
> > > > > as
> > > > > > > requested." The details are "Cannot read the file:
> > > > > > > /home/bcoupe/KMM/Coupes.kmy
> > > > > > >
> > > > >
> > >
> /usr/local/src/kmm/kmymoney-5.0-2018.11.28-09.48.21/kmymoney/plugins/xml/xmlstorage.cpp:148"
> > > > > > >
> > > > > > > This looks like the same error I was getting before. I can
> easily
> > > > > > > decrypt the file manually and then KMM opens it without a
> problem.
> > > > > > >
> > > > > > > I can live with an unencrypted file until I have time to dig
> > > > > deeply
> > > > > > > into this on different systems.
> > > > > > >
> > > > > > > The problem is when I uncheck "Use GPG encryption" in the KMM
> XML
> > > > > > > Storage plugin KMM still encrypts the file every time I save
> it. I
> > > > > > > have to manually decrypt it before I can open it.
> > > > > > >
> > > > > > > Am I missing something or is this a bug?
> > > > > >
> > > > > > I'm not sure, but would you try doing a "Save as.." instead of a
> > > > > save,
> > > > > > and use .xml instead of .kmy as the extension, and see if that
> will
> > > > > > properly save a version without encryption.  I suspect that even
> > > > > though
> > > > > > you unselected encryption in the plugin configuration, that might
> > > > > only
> > > > > > apply to newly created files, and an existing file is saved using
> > > > > the
> > > > > > encryption KMM thinks is already applied to it (even if it
> happens
> > > > > to
> > > > > > be wrong.)  Note this is only a guess on my part, but if it
> works,
> > > > > it
> > > > > > might help point the developers to the source of the problem.
> > > > > >
> > > > > > Jack
> > > > >
> > > >
> > >
> >
>
> --
>
> Regards
>
> Thomas Baumgart
>
> https://www.signal.org/       Signal, the better WhatsApp
> -------------------------------------------------------------
> Q: How do I deal with memory leaks?
> A: By writing code that doesn't have any. -- Bjarne Stroustrup
> -------------------------------------------------------------
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kmymoney-devel/attachments/20181204/ee7f17f1/attachment-0001.html>