Environment variables for UPDATESTARTUPTTY of gpg-agent

NIIBE Yutaka gniibe at fsij.org
Wed Jul 13 03:47:03 CEST 2016


On 07/13/2016 01:50 AM, Thomas Gries wrote:
> Am 12.07.2016 um 10:53 schrieb Werner Koch:
>>> Recently, I changed the configuration so that gpg-agent is started by
>>> systemd.  Then, I encounter this issue:
>> You mean 2.0?  Since 2.1 auto starting the agent is the default and I
>> don't see why some other software should take part in it.  GnUPG would
>> not anymore be self-contained.  Anyway.
> The problem is, that Debian 8 (Jessie) still has the 2.0x versions, and not
> the 2.1x version, and you get these annoying "gnome-keyring hijacked GPG
> agent" issue.
> 
> gpg (GnuPG) 2.0.26
> libgcrypt 1.6.3
> 
> Any idea when this will change, and when the 2.1x will become available
> in Debian 8 ?

I think that you are talking about different issue.  It's not a
problem of GnuPG (but problem of gnome-keyring), from the viewpoint of
mine.  In Debian, the bug reports in question are:

    SSH service: https://bugs.debian.org/623539
    gpg-agent: https://bugs.debian.org/760102

Per user basis, you can stop gnome-keyring for SSH service:

   https://blog.josefsson.org/2015/01/02/openpgp-smartcards-and-gnome/

Or see the last message in 623539.

I do disable SSH service and gpg-agent emulation by gnome-keyring
system wide, because there are no reason to enable these (for me).
See:

    http://www.gniibe.org/memo/notebook/gnome3-gpg-settings.html



I don't know if GnuPG 2.1 will be backported to Jessie or not.  Even
if it will be backported, you need to disable gnome-keyring services
of SSH and gpg-agent emulation (or expect gnome-keyring backport).

While 760102 was closed, I'm not sure about the current status for the
newer version of gnome-keyring interference for SSH service.


Well, I escaped from GNOME3.  However, newer xfce4-session has this
issue:

    https://bugs.debian.org/791378

I did:

  $ xfconf-query -c xfce4-session -p /startup/ssh-agent/enabled -n -t
bool -s false
  $ xfconf-query -c xfce4-session -p /startup/gpg-agent/enabled -n -t
bool -s false

to stop starting gpg-agent and ssh-agent by xfce4-session.
-- 



More information about the Gnupg-devel mailing list