Multiple Users homedir same keys S.uiserver issue

We are using (GnuPG) 2.0.17 (Gpg4win 2.1.0)

We have multiple users that all use the same key. Its very simple. They just encrypt and decrypt .txt files using the same keys.

To help with installation of new users, to stop having to import or copy keys to each NEW user’s appdata folder we thought it would be easier if we were able to put the keys in a central location.
In which case we have found the registry entry for local machine AND the environment variables GNUPGHOME

Which works great except for on windows 7 they are able to “switch users”. If they switch users we will get an error about the s.uiserver is in use by another user and kleopatra may not function properly. It will then not show the keys.

Is there a way to keep the keys in a location such as c:\gpgkeys and have no errors in case users “switch users”.

I have tried using local machine reg settings and system variables…
I have not tried current user reg settings or user variables, would we still have the same issue?

Hi Jason,

if the keyring files are accessible by several persons, it should work fine.

Note that Kleo’s or gpa’s uiserver is a service that runs in the background
and is personal. So each user would need to start it.

Maybe you should not use GNUPGHOME, but try the config option “–keyring”
and each user having its own gnupg home.

Best,
Bernhard

Hi Bernhard,

Thanks for replying and if you can please excuse my ignorance.
At our facility we have users typically on xp machines. This will be changing soon as support ends.

Anyway it bothered me to constantly have to set up new users, we would just copy one users appdata\gnupg to another.

So I thought it would be great to make a central “home dir” say in c:\gpgkeys

Which I did first in local machine registry… then found the system variable method which even over rides the registry.
Anyway the problem occurred when we did this on a windows 7 pc, and instead of one user logging off… the new user just “switched users” so there were basically two logged in on one machine.

Since kleopatra was running on the first user, when the second user started their kleopatra it gave the error, s.uiserver is in use by another user kleopatra may not function properly… and kleopatra did not show any keys.

I notice (when I have system variable set on GNUPGHOME) when a user opens kleopatra this s.uiserver shows up in the c:\gpgkeys …and when kleopatra exits, the file disappears.

so unless there is a way to have the s.uiserver file populate in a different location or show up with a different file name then the second user will always have this error because their kleopatra is also trying to create this file when started.

The users do not use a command line when decrypting or encrypting a file. They use kleopatra.

Sorry for the long detail, any ideas?
THANK YOU!

Hi Jason,
the ui.server is a service for one user.

In your situation I’d try using an additional keyring file that all users share.
The setup and configuration for each user would be the same, so you could just copy it
to all users. But because they have all their own home they would all have their own ui.server and could run in parallel. Because they are a shared keyring, you can do changes to keys there once.

There may be a way to have seperate ui.servers on the same GNUPGHOME, but I don’t know without digging a lot deeper.

Best,
Bernhard