[pkg-gnupg-maint] Bug#854376: Bug#854376: Unable to use gpg-agent as ssh-agent
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Feb 9 00:42:33 UTC 2017
Hi Punit--
On Mon 2017-02-06 11:35:32 -0500, Punit Agrawal wrote:
> Not sure if it's related but gpg-agent stopped behaving as ssh
> agent after updating the system today. On my machine, I have
>
> % env | grep -i ssh
> SSH_AUTH_SOCK=/run/user/1000/gnupg/S.gpg-agent.ssh
>
> When trying to ssh, I run into
>
> % ssh <remote-host>
> sign_and_send_pubkey: signing failed: agent refused operation
>
> "ssh-add -L" shows that the key that should be used to log into the remote.
>
> On further digging, I landed at
> /usr/lib/systemd/user/gpg-agent-ssh.socket which doesn't seem to
> be explicitly enabling ssh support. But I'm not familiar with
> systemd units so might've misunderstood what's going on.
modern versions of gpg-agent have ssh support enabled by default.
If you're getting a refusal from the agent to sign the key, please let
me know:
* what version of the gnupg-agent package?
* what version of pinentry are you using by default? (e.g. the output
of "readlink -f $(which pinentry)")
* how are you launching your graphical environment? (e.g. "no graphical
environment at all", or "startx", or "gdm" or some other display manager)
* do you have dbus-user-session installed?
As a diagnostic workaround, can you try running the following and then
tell me whether gpg-agent starts working for you?
gpg-connect-agent updatestartuptty /bye
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20170208/7847b44e/attachment.sig>
More information about the pkg-gnupg-maint
mailing list