Encryption Nightmare - I can't turn it off

Thu Feb 7 20:11:30 GMT 2019

I solved my encryption problem so I wanted to explain how just in case
anyone else is having a similar problem.

This morning I saved a test file that was encrypted. When I tried to
open it with KMM the error said the file was not recognized. Same
problem that I described above.

Then I tried starting KMM from the command line. I was asked to enter
the password to unlock my file in the terminal. I did and the file
opened. I closed the file and tried again and my system remembered the
password. I am now able to run KMM from the program icon in my
application launch bar without a problem until the next time i logout
(or it times out).

I knew I was close so I tried several ideas I found on Google. The one
that worked is changing a line in ~/.gnupg/gpg-agent.conf from:

pinentry-program /usr/bin/pinentry-curses
to
pinentry-program /usr/bin/pinentry-gtk

Now I get a popup asking me for my password when I start KMM after a reboot.

----
Brendan Coupe

----
Brendan Coupe

On Tue, Dec 4, 2018 at 1:00 PM Brendan Coupe <brendan at coupeware.com> wrote:
>
> Luckily encryption is not working for me otherwise I never would have stumbled on to this edge case
>
> I have to enter the password from the command line. The GPG output includes "gpg: gpg-agent is not available in this session".
>
> I'm running Fedora 29, LXDE and kwin as I have been for years. This all worked fine up until I upgraded to Fedroa 29. I have not spent much time troubleshooting the proglem but when I setup LXDE to start kgpg on startup I get this error:
> ======================================
> The use of GnuPG Agent is enabled in GnuPG's configuration file (~/.gnupg/gpg.conf).
> However, the agent does not seem to be running. This could result in problems with signing/decryption.
> Please disable GnuPG Agent from KGpg settings, or fix the agent.
> ======================================
> When I run gpg-agent it responds with:
> gpg-agent[14606]: gpg-agent running and available
>
> There may be a version conflict, gpg is 1.4.23, gpg-agent 2.2.9. I've seen conflicting reports on whether this is a problem or not.
>
>
>
> ----
> Brendan Coupe
>
>
> ----
> Brendan Coupe
>
>
> On Mon, Dec 3, 2018 at 12:49 AM Thomas Baumgart <thb at net-bembel.de> wrote:
>>
>> Hi,
>>
>> hope I am not too late in the discussion. It seems to me you hit a set of feature(s) and problem(s) here and in sum they don't make sense.
>>
>> First off: in case KMyMoney has saved a file as encrypted, it does know about it and no matter if you rename or decrypt externally: in case you save it (not save as) it will encrypt it if this is possible. This is purely a security feature so that you never save a file you think is encrypted in un-encrypted form by accident. So much for the feature part.
>>
>> With 'Save as' you should be able to save your data unencrypted. If that is not working for you (I still need to try to duplicate all the stuff you have done) then that is the bug part and I need to take care of it.
>>
>> The real problem is, why decryption does not work from within KMyMoney. One more question in that direction: in case you decrypt the file manually (I assume you do this using gpg on the command line), do you enter your gpg passphrase on the command line or does a window pop up?
>>
>>
>> Regards
>>
>> Thomas
>>
>>
>> On Montag, 3. Dezember 2018 02:22:55 CET Brendan Coupe wrote:
>>
>> > Here are the steps I took and the results:
>> >
>> > Starting with encryption turned off in the XML settings I copied a working
>> > KMM file that was not encrypted and called it Test.kmy.
>> >
>> > I turned on encryption in the XML settings. Made a change and saved the
>> > file with the same name using Save not Save as. The file did not get
>> > encrypted.
>> >
>> > I then used Save as and used the same file name and it was saved with
>> > encryption. At this point KMM could not open the file since it was
>> > encrypted (the ultimate problem for another day but not what I'm dealing
>> > with here).
>> >
>> > I decrypted it manually, opened it in KMM (encryption was still off in the
>> > XML settings). I saved the file and it was encrypted so I could not open it
>> > in KMM.
>> >
>> > I manually decrypted it and opened it in KMM. I used Save as to save it
>> > with the same name. It still was encrypted.
>> >
>> > I decrypted it manually, opened it in KMM and used Save as to save it with
>> > the xml file extension, Test.xml.
>> >
>> > Test.xml was not encrypted. I opened it and used Save as to save it with
>> > the name Test.kmy and it was saved without being encrypted.
>> >
>> > Long story short if you ever encrypt a file you have to turn off
>> > encryption, save it with the xml file extension and then open that file and
>> > save it with the kmy file extension in order to stop encrypting the file
>> > every time you save it.
>> >
>> > This is not obvious nor ideal.
>> >
>> > ----
>> > Brendan Coupe
>> >
>> >
>> > On Sun, Dec 2, 2018 at 2:11 PM Brendan Coupe <brendan at coupeware.com> wrote:
>> >
>> > > I reread your suggestion and realized I missed one step.
>> > >
>> > > Assuming my file is named OldMoney.kmy if I save as NewMoney.kmy it's
>> > > encrypted.
>> > >
>> > > If I create a new file named NewMoney.kmy it's not encrypted. If I
>> > > then open OldMoney.kmy and save as NewMoney.kmy it's encrypted.
>> > >
>> > > If I open OldMoney.kmy and Save as either OldMoney.xml or NewMoney.xml
>> > > it is not encrypted.
>> > >
>> > > The dialog box asking it I want to encrypt the file never pops up.
>> > >
>> > > I was about to hit send when I decided to try something else. When I
>> > > opened what I expected to be the encrypted MyMoney.kmy file it was not
>> > > encrypted. I made a change and saved it and it's still not encrypted.
>> > >
>> > > Maybe saving it as OldMoney.xml fixed the problem???? I will try to
>> > > reproduce the steps that would prove this later today.
>> > >
>> > > Something is definitely wrong/weird.
>> > >
>> > > ----
>> > > Brendan Coupe
>> > > On Sun, Dec 2, 2018 at 1:41 PM Jack <ostroffjh at users.sourceforge.net>
>> > > wrote:
>> > > >
>> > > > Another wild thought.  Rename your old file (unencrypted) to the name
>> > > > of the one you newly created and see if it still encrypts it while
>> > > > saving.
>> > > >
>> > > > Also - when you did "Save as....", after choosing XML as storage type,
>> > > > don't you get a dialog asking about which encryption key to use?  One
>> > > > of the choices on that top dropdown should be not to use any key - thus
>> > > > no encryption.
>> > > >
>> > > > On 2018.12.02 15:28, Brendan Coupe wrote:
>> > > > > I already tried that and the new file is also encrypted.
>> > > > >
>> > > > > If I create a new file instead of using Save as on my existing file
>> > > > > the file is not encrypted, I can gunzip it and I get plain text.
>> > > > >
>> > > > > I forgot to mention that I've had this problem on botht he old
>> > > > > upgraded F29 computer and the clean install. I have removed the KMM
>> > > > > config files and let new ones be created and still have the problem.
>> > > > >
>> > > > > ----
>> > > > > Brendan Coupe
>> > > > >
>> > > > > On Sun, Dec 2, 2018 at 12:50 PM Jack
>> > > > > <ostroffjh at users.sourceforge.net> wrote:
>> > > > > >
>> > > > > > On 2018.12.02 14:10, Brendan Coupe wrote:
>> > > > > > > When I moved to 5.0 encryption no longer worked for me. I stopped
>> > > > > > > encrypting my file and decided to wait since the developers were
>> > > > > > > working on many issues at the time and I could get around it for
>> > > > > the
>> > > > > > > time being. At the time I was concerned that something in my
>> > > > > system
>> > > > > > > was preventing me from opening an encrypted file, it was not
>> > > > > > > necessarily a KMM issue.
>> > > > > > >
>> > > > > > > Last week I decided to try encrypting my file to see if it
>> > > > > worked. I
>> > > > > > > have the old system which has been updated from Fedora 28 to
>> > > > > Fedora
>> > > > > > > 29. I also have a brand new Fedora 29 system.
>> > > > > > >
>> > > > > > > Encryption works fine. When I try to open the encrypted file with
>> > > > > KMM
>> > > > > > > it fails just like it did before. The error is: "Cannot open file
>> > > > > as
>> > > > > > > requested." The details are "Cannot read the file:
>> > > > > > > /home/bcoupe/KMM/Coupes.kmy
>> > > > > > >
>> > > > >
>> > > /usr/local/src/kmm/kmymoney-5.0-2018.11.28-09.48.21/kmymoney/plugins/xml/xmlstorage.cpp:148"
>> > > > > > >
>> > > > > > > This looks like the same error I was getting before. I can easily
>> > > > > > > decrypt the file manually and then KMM opens it without a problem.
>> > > > > > >
>> > > > > > > I can live with an unencrypted file until I have time to dig
>> > > > > deeply
>> > > > > > > into this on different systems.
>> > > > > > >
>> > > > > > > The problem is when I uncheck "Use GPG encryption" in the KMM XML
>> > > > > > > Storage plugin KMM still encrypts the file every time I save it. I
>> > > > > > > have to manually decrypt it before I can open it.
>> > > > > > >
>> > > > > > > Am I missing something or is this a bug?
>> > > > > >
>> > > > > > I'm not sure, but would you try doing a "Save as.." instead of a
>> > > > > save,
>> > > > > > and use .xml instead of .kmy as the extension, and see if that will
>> > > > > > properly save a version without encryption.  I suspect that even
>> > > > > though
>> > > > > > you unselected encryption in the plugin configuration, that might
>> > > > > only
>> > > > > > apply to newly created files, and an existing file is saved using
>> > > > > the
>> > > > > > encryption KMM thinks is already applied to it (even if it happens
>> > > > > to
>> > > > > > be wrong.)  Note this is only a guess on my part, but if it works,
>> > > > > it
>> > > > > > might help point the developers to the source of the problem.
>> > > > > >
>> > > > > > Jack
>> > > > >
>> > > >
>> > >
>> >
>>
>> --
>>
>> Regards
>>
>> Thomas Baumgart
>>
>> https://www.signal.org/       Signal, the better WhatsApp
>> -------------------------------------------------------------
>> Q: How do I deal with memory leaks?
>> A: By writing code that doesn't have any. -- Bjarne Stroustrup
>> -------------------------------------------------------------