Using gpg-agent as ssh-agent on Windows with MSYS

Sebastien lechtitseb at gmail.com
Wed Nov 29 21:50:54 CET 2017


Hello,

I think I'm currently facing the issue described in
https://lists.gnupg.org/pipermail/gnupg-users/2016-September/056771.html
(sorry, couldn't find how to just reply to that thread).

I'm using GnuPG, gpg and gpg-agent in my Windows Git bash environment
(MSYS) (on Windows 10 x64). I like having everything in there for ease of
use and portability.

I'd like to know if this is just a known issue/limitation with a known
workaround or if it's just not supported?

Some more background about what I've configured/tried:

Just starting gpg-agent with gpg-connect-agent /bye doesn't work for me; it
always gives the following error:
$ gpg-connect-agent /bye
ERR 67109139 Unknown IPC command <GPG Agent>

I could work around that error using:
MSYS_NO_PATHCONV=1 gpg-connect-agent --homedir $GNUPGHOME_WIN /bye

Where $GNUPGHOME_WIN just contains the Windows style path to my gnupg
folder (in my case c:\CloudStation\Configuration\SebHome\.gnupg).
Effectively like that MSYS doesn't perform path conversions and
gpg-connect-agent / gpg-agent seem to receive the correct path.

In my ~/.gnupg folder I then do find those files:
gnupg_spawn_agent_sentinel.lock
S.gpg-agent
...
S.gpg-agent.ssh

And the agent seems to be running:
$ gpg-agent
gpg-agent[14380]: gpg-agent running and available

Unfortunately if I execute ssh-add -L, I get:
$ ssh-add -L
Error connecting to agent: Bad file descriptor

Here's the part of my bash profile with comments about things I've tried
and that didn't help:

# GnuPG home
export GPG4WIN_HOME=$TOOLS_HOME/Gpg4Win_3.0.1
export GPG_HOME=$GPG4WIN_HOME/GnuPG
export KLEOPATRA_HOME=$GPG4WIN_HOME/Gpg4win

append_to_path $GPG_HOME
append_to_path $GPG_HOME/bin
append_to_path $KLEOPATRA_HOME/bin_64
append_to_path $KLEOPATRA_HOME/bin

# where it puts its files and looks for its configuration
export GNUPGHOME=$HOME/.gnupg

# path conversion ref: https://stackoverflow.com/questions/13701218/windows-path-to-posix-path-conversion-in-bash
export GNUPGHOME_WIN=$(eval "echo $GNUPGHOME" | sed -e 's/^\///' -e 's/\//\\/g' -e 's/^./\0:/')

# create the home folder otherwise gpg will complain
mkdir -p `echo $GNUPGHOME`
alias gpg='gpg.exe'
alias pgp='gpg'
alias kleopatra='kleopatra.exe'

# Start the gpg-agent (daemon)
# Eliminate path conversion issues for that specific command
# Reference: https://stackoverflow.com/questions/7250130/how-to-stop-mingw-and-msys-from-mangling-path-names-given-at-the-command-line

# daemon that will manage the gpg keys and allow to perform ssh auth
#eval $( MSYS_NO_PATHCONV=1 gpg-agent --daemon --enable-ssh-support --enable-putty-support --homedir $GNUPGHOME_WIN ) &

# Ref: https://incenp.org/notes/2015/gnupg-for-ssh-authentication.html
# Ref: https://www.gnupg.org/documentation/manuals/gnupg/Invoking-gpg_002dconnect_002dagent.html
MSYS_NO_PATHCONV=1 gpg-connect-agent --homedir $GNUPGHOME_WIN /bye

# Configure SSH_AUTH_SOCK (so that ssh-add can contact the gpg-agent)
#export GPG_AGENT_PID=$$
#export GPG_AUTH_SOCK=$(echo $HOME/.gnupg/S.gpg-agent.ssh)
#export SSH_AUTH_SOCK=$GPG_AUTH_SOCK

# with Win path (not helping)
#export GPG_AUTH_SOCK=$(echo $GNUPGHOME_WIN/S.gpg-agent.ssh)
#export SSH_AUTH_SOCK=$GPG_AUTH_SOCK

#export SSH_ENV="$HOME/.ssh/environment"


Any help would really be appreciated!
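
The following is an added example, not part of the original post: a shell function doing the same POSIX-to-Windows path conversion as the sed pipeline in the profile above, but refusing paths that do not start with a drive letter (the sed version would turn /home/seb into h:ome\seb). The function name msys_to_win_path is hypothetical.

```shell
# Added example: convert an MSYS / Git bash drive path (/c/dir/sub) into a
# Windows path (c:\dir\sub). The function name is hypothetical.
msys_to_win_path() {
    _p=$1
    case $_p in
        [A-Za-z]:*)
            # Already Windows style: only normalise the separators.
            printf '%s\n' "$_p" | tr '/' '\\'
            ;;
        /[A-Za-z]|/[A-Za-z]/*)
            # /c or /c/...: the first path component is the drive letter.
            _drive=${_p#/}
            _drive=${_drive%%/*}
            _rest=${_p#/?}
            # A bare /c means the drive root, so emit c:\ rather than c:
            [ -n "$_rest" ] || _rest=/
            printf '%s:%s\n' "$_drive" "$(printf '%s' "$_rest" | tr '/' '\\')"
            ;;
        *)
            # /home/..., /tmp/... or relative paths live under the MSYS root
            # and cannot be mapped by text substitution alone.
            printf 'msys_to_win_path: not a drive path: %s\n' "$_p" >&2
            return 1
            ;;
    esac
}

# Intended use in the profile above (left as a comment so that sourcing
# this block does not start an agent):
#   GNUPGHOME_WIN=$(msys_to_win_path "$GNUPGHOME") || return
#   MSYS_NO_PATHCONV=1 gpg-connect-agent --homedir "$GNUPGHOME_WIN" /bye
```
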