[pkg-gnupg-maint] Bug#919856: Bug#919856: gpg-agent: agent refuses operation again
Norbert Preining
norbert at preining.info
Wed Jan 23 07:12:30 GMT 2019
Hi Yutaka,
> I think that your ssh invocation is the first trigger to invoke
> gpg-agent (by systemd).
Yes, I can confirm that after logging into the session there is no
gpg-agent running (nor ssh-agent).
> Does SSH work successfully, when gpg-agent is invoked by gpg, by running
> something like "gpg --card-status" before running ssh? If SSH works
> after "gpg --card-status", this is another way of workaround.
No. I did reset the pinentry to the gnome version and it again failed:
$ gpg --card-status
Reader ...........: Yubico Yubikey NEO OTP U2F CCID 00 00
...
$ ssh kimsufi
sign_and_send_pubkey: signing failed: agent refused operation
sign_and_send_pubkey: signing failed: agent refused operation
..
$
> $ gpg-connect-agent "getinfo std_startup_env" /bye
Looks fine to me, too:
$ gpg-connect-agent "getinfo std_startup_env" /bye
D DISPLAY=:0
D XAUTHORITY=/home/norbert/.Xauthority
D XMODIFIERS=@im=fcitx
D GTK_IM_MODULE=fcitx
D DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
D QT_IM_MODULE=fcitx
OK
$
> You can test if pinentry itself works in your environment. Here is my
> example session, where "-->" stands for my input and "#" is comment.
Works here, too:
$ pinentry-gnome3
OK Pleased to meet you
getpin
D hello
OK
bye
OK closing connection
$
(got a window asking me to enter)
So that is rather cryptic indeed ...
Best
Norbert
--
PREINING Norbert http://www.preining.info
Accelia Inc. + JAIST + TeX Live + Debian Developer
GPG: 0x860CDC13 fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13
More information about the pkg-gnupg-maint
mailing list