gpg agent forwarding (via ssh) totally broken with 2.1 and NFS-mounted $HOME
Werner Koch
wk at gnupg.org
Tue Sep 22 09:00:38 CEST 2015
On Mon, 21 Sep 2015 18:49, nix at esperi.org.uk said:
> (It's not that the fs doesn't allow for special files -- it's that it's
> distributed, but the semantics of AF_UNIX socket creation assume that it
> isn't.)
Depends on the file system. At least some NFS versions don't allow
special files at all.
> Useful! ... though this seems more likely to be *used* if it applied to
> all assuan sockets at once, rather than one at a time.
That would require a lot of changes. The redirect file approach is
mostly a wrapper and works transparently on the client site.
> It seems to work much better now, though of course only assuan can
> follow these links, so your SSH_AUTH_SOCK has to point at wherever you
> pointed them, as does your ssh agent forwarding.
Right, but you have to set SSH_AUTH_SOCK yourself anyway.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users
mailing list