Problem
Some versions of Gnome Keyring hijack the connection to GPG Agent (they intercept all the communication between gpg or gpgsm and gpg-agent) by setting the GPG_AGENT_INFO environment variable to point to the Gnome Keyring process. Gnome Keyring then filters all communication with gpg-agent.
This is the default in Ubuntu (see PlatformNotes).
gpg (since version 2.0.23) detects this and issues the following warning:
gpg: WARNING: The GNOME keyring manager hijacked the GnuPG agent.
gpg: WARNING: GnuPG will not work properly - please configure that tool to not interfere with the GnuPG system!
You can read more about the issue here according to both the GnuPG developers and the Gnome Keyring developers. The motivation for hijacking the connection is that Gnome Keyring wants to:
- provide a pretty dialog for requesting the user's passphrase
- save the user's passphrase in Gnome Keyring's storage so that the user doesn't need to enter the pass phrase.
Unfortunately, Gnome Keyring's implementation of that internal GnuPG protocol is incomplete. Although many operations appear to work, working with smart cards in particular results in errors that look like this:
$ echo | gpg2 --sign
gpg: WARNING: The GNOME keyring manager hijacked the GnuPG agent.
gpg: WARNING: GnuPG will not work properly - please configure that tool to not interfere with the GnuPG system!
gpg: selecting openpgp failed: Unsupported certificate
gpg: signing failed: Unsupported certificate
It is also not possible to use gpgsm (the S/MIME part of GnuPG).
Security Issues
- GKR effectively performs a man-in-the-middle attack. Although the interception is not malicious (GKR's intentions are good), it is possible that GKR inadvertently leaks information. For instance, if the pass phrase is not held in locked memory, it could be written to swap and later extracted.
- GKR saves pass phrases in storage protected by the user's login password. This password is often significantly weaker than those used to protect keys. GKR neither informs users of this nor provides an option to disable caching of GPG pass phrases.
- Further, it undermines GnuPG's key derivation function (KDF). When GnuPG needs to determine the iteration count to use for s2k (the KDF), it queries gpg-agent (gpg-connect-agent 'getinfo s2k_count' /bye). If Gnome Keyring is intercepting the traffic, this command returns an error and gpg falls back to the old default of 64k iterations, which is very weak: on a 4 year old laptop (a Thinkpad x220), the count that gpg-agent calibrates is about 300 * 64k. (Note: gpg should not compute the value locally, because the calibration takes some seconds, gpg is latency sensitive, and the value cannot be saved in a file as it must be specific to the local machine.)
Mitigation
The easiest way to avoid this problem is to uninstall Gnome Keyring, but this may have unintended consequences: if you use NetworkManager, for instance, it will silently fail to connect to password protected networks. If you are using a Debian based distribution (including Ubuntu and Mint), you can instead disable the gpg agent part of Gnome Keyring system-wide with the following command:
$ sudo dpkg-divert --local --rename --divert /etc/xdg/autostart/gnome-keyring-gpg.desktop-disable --add /etc/xdg/autostart/gnome-keyring-gpg.desktop
If you later decide to reenable it, then you can use:
$ sudo dpkg-divert --rename --remove /etc/xdg/autostart/gnome-keyring-gpg.desktop
It is also possible to use a similar trick on a per-user basis. See:
Ubuntu: Additional Steps
Ubuntu users may also need to stop upstart (/usr/share/upstart/sessions/gnome-keyring-gpg.conf) from loading the gpg component of gnome-keyring-daemon. From gnome-keyring version 3.10.1-1ubuntu9 on, upstart honours the setting X-GNOME-Autostart-enabled=false in gnome-keyring-gpg.desktop (the method from Josefsson's blog post linked above). For older versions of gnome-keyring, an upstart-specific override may be needed.
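The checks and the per-user override described above, together with the s2k_count query from the Security Issues section, as an added example that is not part of this page and not code from the GnuPG or Gnome Keyring projects. It assumes (neither is stated on the page) that a Gnome Keyring agent socket path contains the word "keyring", and that the XDG autostart rule applies under which ~/.config/autostart/<name>.desktop shadows /etc/xdg/autostart/<name>.desktop; Hidden=true is the generic XDG key with the same effect as X-GNOME-Autostart-enabled=false. The sample desktop entry and Assuan replies used in the helpers' comments are constructed.

```shell
#!/bin/sh
# Added example (not from the GnuPG wiki, GnuPG or Gnome Keyring). Three
# helpers: detect a hijacked GPG_AGENT_INFO, parse the agent's reply to
# "getinfo s2k_count", and write the per-user autostart override that stops
# gnome-keyring-daemon's gpg component from starting.
# Assumptions: a Gnome Keyring socket path contains "keyring"; the XDG rule
# that ~/.config/autostart/ shadows /etc/xdg/autostart/ applies; Hidden=true
# is the generic XDG equivalent of X-GNOME-Autostart-enabled=false.

# GPG_AGENT_INFO is "<socket>:<pid>:<protocol>". Returns 0 (true) when the
# socket looks like Gnome Keyring's rather than gpg-agent's S.gpg-agent.
# Takes the value as $1 or, if absent, from the environment.
gkr_hijack_detected() {
    info="${1:-$GPG_AGENT_INFO}"
    sock="${info%%:*}"
    case "$sock" in
        *keyring*) return 0 ;;
        *)         return 1 ;;
    esac
}

# Reads the Assuan reply to `gpg-connect-agent 'getinfo s2k_count' /bye` on
# stdin and prints the iteration count gpg will actually use. A real
# gpg-agent answers "D <count>" followed by "OK"; an "ERR ..." reply (what
# the page says an intercepting Gnome Keyring produces) makes gpg fall back
# to 65536, the old 64k default.
s2k_count_from_reply() {
    count=""
    while IFS= read -r line; do
        case "$line" in
            "D "*) count="${line#D }" ;;
            ERR*)  count="" ;;
        esac
    done
    if [ -n "$count" ]; then
        printf '%s\n' "$count"
    else
        printf '%s\n' 65536
    fi
}

# Per-user equivalent of the dpkg-divert above: copy a system autostart entry
# into the user's autostart directory with the disable keys appended, and
# print the path of the override written.
# Usage: write_user_override /etc/xdg/autostart/gnome-keyring-gpg.desktop ~/.config/autostart
write_user_override() {
    src="$1"
    dstdir="$2"
    [ -r "$src" ] || return 1
    mkdir -p "$dstdir" || return 1
    dst="$dstdir/$(basename "$src")"
    # keep the original entry but drop any existing enable/hidden keys
    grep -v -e '^X-GNOME-Autostart-enabled=' -e '^Hidden=' "$src" > "$dst" || :
    printf 'X-GNOME-Autostart-enabled=false\nHidden=true\n' >> "$dst"
    printf '%s\n' "$dst"
}

# Interactive check for a live session: is gpg talking to Gnome Keyring, and
# what s2k count does the agent on the other end of the socket report?
check_session() {
    if gkr_hijack_detected; then
        echo "GPG_AGENT_INFO points at Gnome Keyring: $GPG_AGENT_INFO"
    else
        echo "GPG_AGENT_INFO does not look hijacked (${GPG_AGENT_INFO:-unset})"
    fi
    if command -v gpg-connect-agent >/dev/null 2>&1; then
        echo "effective s2k count: $(gpg-connect-agent 'getinfo s2k_count' /bye 2>/dev/null | s2k_count_from_reply)"
    fi
}
```

Source the file in a desktop session and call check_session: a count of 65536 next to a hijacked GPG_AGENT_INFO is exactly the KDF fallback described under Security Issues. After write_user_override has placed the override in ~/.config/autostart, log out and back in and run check_session again; on Ubuntu releases older than gnome-keyring 3.10.1-1ubuntu9 the upstart job may still start the component, which is the case the override file alone does not cover.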