Kleopatra Insanity | Recompiled GnuPG and Kleopatra from scratch (SOLVED)

GnuPG Help
,
1

All of a sudden:

I can encrypt but I cannot sign.

I cannot delete a fake user I made.

I click the “Change Password” button and the icon outline jumps to “close”.

At first I removed Kleopatra. Then I purged it.

Then I backed up /.gnupg/ and emptied it.

Then I took a copy from one month back and tried using what was a good backup.

In the end I compiled everything and started blank and Kleopatra is still insane.

And GnuPGLogWatcher is missing as well.

Linux host 6.12.73+deb13-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.12.73-1 (2026-02-17) x86_64 GNU/Linux

6.12.73+deb13-amd64

Only terminal functions.

What in the world happened to Kleopatra?

UPDATE

This is getting wild. I have never saved my passphrase in kleopatra - and all of a sudden it can sign and I am missing a few tabs.

I only have four tabs under configuration.

Things I’ve run:

gpg-agent --version
gpg-agent (GnuPG) 2.5.17

gpg --version
gpg (GnuPG) 2.5.17

libgcrypt 1.12.0

gpg -vvv debug verbose

gpg --check-trustdb
gpg --update-trustdb
gpgconf --list-dirs
gpgconf --apply-defaults
gpgconf --list-components
gpgconf --check-programs
keyboxd:1:0:
dirmngr:1:0:
gpgconf --kill dirmngr

gpg-agent.conf	
pinentry-program /usr/bin/pinentry

\________________________\_
COMMENTED SECTION

gpg-connect-agent reloadagent /bye
ls /usr/bin | grep pinentry
pinentry-program /usr/bin/pinentry-tty
sudo update-alternatives --config pinentry
$ export GPG_TTY=$(tty)
$ unset DISPLAY
$ gpg-connect-agent updatestartuptty /bye
$ sudo gpg-connect-agent updatestartuptty /by
$ which pinentry
/usr/local/bin/pinentry
$ ls -al /usr/bin/pinentry\*
pinentry-program /usr/local/bin/pinentry

I got everything to work.

Backend error: gpgconf does not seem to know the entry for dirmngr/ldaptimeout
Backend error: gpgconf does not seem to know the entry for dirmngr/max-replies

removed gnupg-agent
removed scdaemon
removed libpam-poldi
removed dirmngr (which removes everything)

changed to pinentry-program /usr/bin/pinentry-qt

Death to all computers!!!

Fixed.

2

Hi @encrypted,

good that you’ve got the thing sorted out.

A hint for others in a similar situation:
It usually helps to first see if the operations work on the command line, calling the crypto engine more directly. The gui frontends cannot work, if the command line does not. :slight_smile:

Then adding some more diagnostic output, usually diagnoses the problem quickly.

Best Regards,
Bernhard

3

Hi @bernhard it upsets me because I had collected 75 webpages going to back 2023 when our dear Werner found the problem but saw it as too complicated.

I will keep looking.

Here is another one from Werner, “FWIW: Okay, gmime is still a wrapper around gpgme. After decryption it has the ability to get the used session key from the gpgme result structure. Thus, I have been on the wrong trail. The actual problem is not gpgme but more GnuPG’s use of Libgcrypt or an actual regression in Libgcrypt. Well, Friday 13th.”

4

Hello @bernhard

  1. Serious Bug: Koch stated that a memory-corruption bug was “the only serious bug from their list” and questioned whether the others would actually allow Remote Code Execution (RCE).

  2. Disclosure Timeline: Koch mentioned that the vulnerability reports were filed in October and were initially set to private because there was no clear statement on when they could be published, and further communication was lacking.

  3. Fix Status: The memory-corruption bug was fixed in the 2.5.14 release in November, with a fix for the 2.4 branch pending.

    Responses to gpg.fail

    LWN.net

    https://lwn.net › Articles

    Jan 21, 2026 — GPG creator and maintainer Werner Koch said on December 29 that he agreed with most of the comments in Bachmeyer’s first email.

All new machines. No fixes. Werner points to Memory Corruption. It is abundant.