[pkg-gnupg-maint] Bug#855868: Bug#855868: GPG_AGENT_INFO and SSH_AUTH_SOCK not set in wayland sessions

rufo rufo at rufoa.com
Fri Sep 8 22:56:40 UTC 2017


On 08/09/17 04:44, Daniel Kahn Gillmor wrote:
> 
> OK, the proposed fix is now part of the gnupg2 2.2.0-3 package, which
> was just uploaded to unstable.
> 

Looks good.  Thanks!

> i was expecting to see it work if i log into a user account via ssh, on
> a machine with libpam-systemd installed, and with that user's
> ~/.gnupg/gpg-agent.conf having enable-ssh-support.
> 
> However, it doesn't seem to work (the environment variable isn't set in
> the new ssh session, despite ensuring that no other process was active
> for that user before logging in), and i confess i don't know why --
> running /usr/lib/systemd/user-environment-generators/90gpg-agent by hand
> produces the output i expect.
> 

Just looked into this - the generator script is actually working
properly, but the env vars it sets are not being inherited by your shell
when you ssh in.

It looks like this is the intended behaviour of openssh, which builds an
bare-bones env [1] before invoking your shell with execve.

If a user wants SSH_AUTH_SOCK to be set inside their ssh session, the
easiest way is probably for them to copy the old Xsession.d script into
their .bashrc or similar.

  --rufo


[1]
https://github.com/openssh/openssh-portable/blob/de4ae07f12dabf8815ecede54235fce5d22e3f63/session.c#L963



More information about the pkg-gnupg-maint mailing list