SSH hangs when using GPG2 + Yubikey on OS-X

NIIBE Yutaka gniibe at
Wed Jul 20 04:57:06 CEST 2016

On 07/19/2016 05:54 PM, NIIBE Yutaka wrote:
> On 07/19/2016 02:22 PM, Ben Warren wrote:
>> We don’t see this issue when using a file-based key for SSH,
>> although in that case we’re using ssh-agent, not gpg-agent.  I’ll
>> try using a file-based GPG key, which will be closer to the failing
>> configuration.
> Are you using some other tools for Yubikey?
> People sometimes do or write a script with
>   gpg-connect-agent "SCD RESET" /bye
> (to reset PIN auth state) but this only works well if we have a single
> connection from gpg-agent to scdaemon.  Having ssh-sessions (with
> forwarding), we have multiple connections from gpg-agent to scdaemon.
> This could be a cause of troubles.

I think that the problem occurs when we do "SCD RESET" above or
removal/insertion of token during the use of SSH.

It seems for me that OpenSSH client (7.2p2, in my case) keeps the
connection to ssh-agent even if it doesn't use forwarding.  So, it is
likely that we encounter this problem.

Today, I fixed this issue by:

	commit 1598a4476466822e7e9c757ac471089d3db4b545

Please try it out.

More information about the Gnupg-users mailing list