"Unsafe permissions on configuration file `/home/david/.gnupg/gpg.conf" What does it mean and how to fix?

gnupg

gpg: WARNING: unsafe permissions on configuration file /home/david/.gnupg/gpg.conf' gpg: WARNING: unsafe enclosing directory permissions on configuration file/home/david/.gnupg/gpg.conf' gpg: external program calls are disabled due to unsafe options file permissions

This means that your ~/.gnupg/gpg.conf has unexpected permissions for the user you are running as, like write access to "others", another user or the executable bit. This file should always for security reasons only be readable and writable by the user, and no one else:

$ ls -l ~/.gnupg/gpg.conf
-rw------- 1 braiam braiam 7890 Jul  8 18:51 .gnupg/gpg.conf

Yours probably has different user or permissions. Check them out using ls -l ~/.gnupg/gpg.conf. To fix this is simple enough:

chown $(whoami):$(whoami) ~/.gnupg/gpg.conf ## if this fails read at the bottom
chmod 600 ~/.gnupg/gpg.conf

If some of the commands fails, or you keep getting the error message you mentioned after following these instructions, you should delete the ~/.gnupg directory, because it cannot be trusted anymore.

rm -r ~/.gnupg/gpg.conf ## If this fails, use sudo

You can then try to run gpg command with the same user that is going to run the script, this way your user with create ~/.gnupg directory with appropriate permissions.


You probably migrated your .gnupg folder from another machine, or tampered another way with the file permissions.

GnuPG enforces private ownership of the folder and some files for security reasons.

These two lines fix the permissions. The first one ensures that the ~/.gnupg folder (and everything in it) is actually yours. To possibly overtake ownership, it requires root privileges, thus the sudo. The second line makes sure nobody but you can read its contents (remove read, write and execute permissions for group and other users). Your username gets inserted automatically, so you can copy-past the lines directly to your terminal:

sudo chown -R ${USER}:${USER} ~/.gnupg
chmod -R go-rwx ~/.gnupg

I just faced the same problem. It turned out I was running the gpg command using sudo. When I tried again without sudo, it worked fine and no error was displayed. So, it might be the case for you too.

Related

How to submit a file to paste.ubuntu.com without graphical interface?
How can I remove un-installed programs from the Unity dash menu?
"sudo apt-get install foo-" causes removing foo package and everything depending on it [duplicate]
Can't access my home directory "Encrypted private directory is not setup properly"
How do you make a button that performs a specific command?
How can ubiquity be forced not to install grub?
Cannot install vim
How do I control my fan speed?
Connecting to VPN prevents access to normal web sites
Cant install via Ubuntu Software- "apt transaction returned result exit-failed"
How to add Google Hangout to Pidgin
Not been able to Shut Down 13.04