Can't reply to email via mutt with GnuPG - asks for "keyID"

Question

I'm using mutt with GnuPG on Ubuntu. I have these general settings for GnuPG:

set pgp_decode_command         = "gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f"
set pgp_verify_command         = "gpg --no-verbose --batch --output - --verify %s %f"
set pgp_decrypt_command        = "gpg --passphrase-fd 0 --no-verbose --batch --output - %f"
set pgp_sign_command           = "gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_clearsign_command      = "gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"
set pgp_import_command         = "gpg --no-verbose --import -v %f"
set pgp_export_command         = "gpg --no-verbose --export --armor %r"
set pgp_verify_key_command     = "gpg --no-verbose --batch --fingerprint --check-sigs %r"
set pgp_list_pubring_command   = "gpg --no-verbose --batch --with-colons --list-keys %r"
set pgp_list_secring_command   = "gpg --no-verbose --batch --with-colons --list-secret-keys %r"

unset pgp_retainable_sigs

# set pgp_ignore_subkeys
# set pgp_verify_sig=yes
# set pgp_create_traditional     = no
# set pgp_autosign               = no
# set pgp_autoencrypt            = no
# set pgp_replysignencrypted
# set pgp_replyencrypt           = yes
# set pgp_replysign              = yes

set crypt_autosign                     # automatically sign all outgoing messages
# set crypt_replysign                  # sign only replies to signed messages
# set crypt_autoencrypt=yes            # automatically encrypt outgoing msgs
# set crypt_replyencrypt=yes           # encryp only replies to signed messages
# set crypt_replysignencrypted=yes       # encrypt & sign replies to encrypted msgs
set crypt_verify_sig=yes               # auto verify msg signature when opened
set pgp_create_traditional = yes       # http://www.rdrop.com/docs/mutt/manual236.html#pgp_create_traditional

set pgp_timeout                = 3600
set pgp_good_sign              = "^gpg: Good signature from"

And I have these settings for the specific account in question:

send-hook mark.nichols@gmial.com 'set pgp_autosign'
pgp-hook mark.nichols@gmail.com 53445200

set pgp_encrypt_only_command="/usr/lb/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 53445200 -- -r %r -- %f"
set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 53445200 -- -r %r -- %f"
set pgp_sign_as=53445200

If I send an email to someone who does not have a GPG key, the outgoing email is digitally signed using my key and is sent. When I get a reply to that email, and reply in turn, however, I cannot it as I asked:

Enter keyID for <recipient email>

I can get out of that dialog with Ctrl-G, but I cannot get past it. At first I thought it was one of these two setting:

# set crypt_replyencrypt=yes           # encryp only replies to signed messages
# set crypt_replysignencrypted=yes       # encrypt & sign replies to encrypted msgs

But even with them commented out I am asked for a key that doesn't exist. Where is the setting I am missing that is requiring I specify a key for the receiver on a reply?

Thanks

Answer 1

The answer is use GPGME. The GPGME library encapsulates most, if not all, commonly used GnuPG functions. With just a few configuration lines everything GnuPG related "just works." This posting is a good guide: https://sanctum.geek.nz/arabesque/gnu-linux-crypto-email/

In the end my setup now looks like:

# Use GPGME
set crypt_use_gpgme = yes

# Sign replies to signed emails
set crypt_replysign = yes

# Encrypt replies to encrypted emails
set crypt_replyencrypt = yes

# Encrypt and sign replies to encrypted and signed email
set crypt_replysignencrypted = yes

# Attempt to verify signatures automatically
set crypt_verify_sig = yes

# Use my key for signing and encrypting
set pgp_sign_as = 0x53445200

# Automatically sign all out-going email
set crypt_autosign = yes

Far simpler, and it works.