[pkg-gnupg-maint] Bug#823492: Bug#823492: pinentry-gnome3: does not handle SSH-forwarded X11 connections correctly
Eduard Bloch
edi at gmx.de
Tue Nov 1 22:15:29 UTC 2016
On Thu, 05 May 2016 17:25:54 +0200 Werner Koch <wk at gnupg.org> wrote:
> On Wed, 4 May 2016 20:59, a.rottmann at gmx.at said:
>
> > gpg-agent was originally spawned on). This is in spite of using
> > "gpg-connect-agent updatestartuptty /bye" from the SSH-spawned shell
> > (which has the correct DISPLAY variable value). This information is
>
> I use it daily to switch between my laptop's display and my Xserver
> running on my desktop. It works for me with the GTK and curses
> pinentries.
>
> Adding "debug-pinentry" to gpg-agent.conf may help with debugging.
This weekend I was trapped by this (or similar) bug and it took a while
to realize what was going wrong (see #842015).
To make it short: pingentry-gtk2 is ok (and so is pinentry-qt) but
pingentry-gnome3 does NOT honor $DISPLAY environment and apparently
talks display :0 only (or maybe where the first local session started? Not
sure).
Easy to reproduce with "Xephyr :1" and
"ls | DISPLAY=:1 gpg --armor --sign" and guess where the windows will
appear... :-(
In the lack of verbose output by default it's hard to tell from user's
POV what/where the culprit is.
Another buggy behavior I observe sometimes (not sure about repro steps,
maybe only after changing pingentry implemenation with
update-alternatives?!) with pinentry-gnome3 (or maybe
gpg-agent itself?) is that when I push Cancel the gnome dialog comes
again.
I can do so 5 times and then the gnupg-agent hangs. Once this happened,
you can run gpg/gpg-agent again and again and it will just freeze as
soon as passphrase entry is needed. The only workaround seems to be
killing gpg-agent.
This contributes even more to the confusion from the first problem.
Best regards,
Eduard.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20161101/11a17698/attachment.sig>
More information about the pkg-gnupg-maint
mailing list