[pkg-gnupg-maint] Bug#834829: Bug#834829: gnupg-agent: gpg-agent looses connection to usb dongle and stops working

Wed Aug 31 16:08:04 UTC 2016

Hi Norbert--

On Wed 2016-08-31 10:01:38 -0400, Norbert Preining <preining at logic.at> wrote:

> sorry for the late reply, I have now collected as many information
> from your three emails.

thanks for this followup!

> Let us start with what I have done:
> * activate default gpg-agent startup via systemd as decribed in
> /usr/share/doc/gnupg-agent/README.Debian:
>         systemctl --user enable gpg-agent
>
> * reboot, login
>
> after that the status is as follows:
> * gpg-agent is running:
>         /usr/bin/gpg-agent --daemon --homedir /home/<USER>/.gnupg
> * ssh fails
> [~] ssh <some-machine>
> sign_and_send_pubkey: signing failed: agent refused operation
> sign_and_send_pubkey: signing failed: agent refused operation
> user at some-machine's password:
>
>
>>     gpg-connect-agent updatestartuptty /bye
>
> Done that, did not change anything:

it's a little bit weird that you say that "updatestartuptty" did not
change anything:

> [~] gpg-connect-agent updatestartuptty /bye
> OK
> [~]
>
>>     gpg-connect-agent 'getinfo std_startup_env' /bye
>
> [~] gpg-connect-agent 'getinfo std_startup_env' /bye
> D GPG_TTY=/dev/pts/2
> D TERM=xterm
> D DISPLAY=:0
> D XAUTHORITY=/home/norbert/.Xauthority
> D XMODIFIERS=@im=fcitx
> D GTK_IM_MODULE=fcitx
> D DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-CY1VsRjJ7v,guid=d93c4131d59dc5ca299bf49f57c6d42e
> D QT_IM_MODULE=fcitx
> OK
> [~]

can you compare this content of "std_startup_env" with the same query on
the first login after a reboot, before any invocation of
"updatestartuptty" ?

>> when gpg-agent is running, what do the following commands show?
>
> [~] gpg-connect-agent 'scd getinfo version' /bye
> D 2.1.14
> OK
> [~] gpg-connect-agent 'scd getinfo reader_list' /bye
> D 1050:0116:X:0%0A
> OK
> [~] gpg-connect-agent 'scd getinfo app_list' /bye
> D openpgp:%0Anks:%0Ap15:%0Ageldkarte:%0Adinsig:%0Asc-hsm:%0A
> OK
> [~] ps -eFH | grep 's[c]daemon'
> <user>   2747  2038  0 46135  1500   2 21:58 ?        00:00:00       scdaemon --multi-server

ok, this looks like what i'd expect.  you've got a smartcard daemon that
has been launched from your running gpg-agent, and the smartcard daemon
knows about a smartcard reader.

>> Can you also try this sort of direct debugging of pinentry?
>>   echo getpin | env -i DISPLAY=:0 DBUS_SESSION_BUS_ADDRESS=/run/user/1000/bus pinentry
>
> I do not have a directory/file "bus" in /run/user/1000/
> probably because I don't have:
>
>> one other question for those following this bug: do you have
>> the dbus-user-session package installed?
>
> dbus-user-session installed.

ok, but can you clarify that a pinentry prompt does work for you in
general?

> Now for what I did and how I did it get running:
>
> What works *without* any problems is starting
> 	gpg-agent --daemon
> from Alt-F2 (run-me, whatever) in my DE (cinnamon).
>
> That is the only thing that actually works.

sorry, i'm pretty confused by this -- when you say this "actually works"
can you be clear about what the change is before and after you run this?

Are you saying that running "gpg-agent --daemon" separately somehow
allows access to your usb dongle?

    --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 930 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20160831/6965dfca/attachment-0004.sig>