Why exactly does pinentry fails with gpg-agent and ssh support?

Doron Behar doron.behar at gmail.com
Sun Jan 21 17:41:54 CET 2018

Hello everyone,

I've recently encountered the problem explained in item #3 here:
and I would like to discuss it.

I use the `systemd` user service provided with Arch Linux and it's
`ExecStart` is:

	/usr/bin/gpg-agent --supervised

I followed the recommended instructions on the official website and on
the Arch Linux's wiki

I also read the following bugs / threads:


As far as I understand, because I use `systemd`'s user service, whenever
I want to unlock an authentication key I need to run the command
`gpg-connect-agent updatestartuptty /bye`.

## My question is this:

The official documentation says:

> SSH has no way to tell the gpg-agent what terminal or X display it is
> running on. So when remotely logging into a box where a gpg-agent with
> SSH support is running, the pinentry will get popped up on whatever
> display the gpg-agent has been started.

Perhaps it would be possible to create some kind of feature request /
patch / merge request for ssh and enabling users to run this command
before connecting to an ssh server?

BTW I encountered a stackoverflow question on the subject that raises
the same problem:

More information about the Gnupg-users mailing list