Why exactly does pinentry fails with gpg-agent and ssh support?
André Colomb
andre at colomb.de
Mon Jan 22 18:06:48 CET 2018
Hello Daniel,
I'm on Ubuntu 17.10 with GnuPG 2.1.15, by the way.
Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote on 2018-01-22 12:53
(UTC+0100)
> It may also depend on how the session itself is started. Maybe one of
> you is starting the user session in non-graphical mode (either a vt
> login, or maybe ssh?), while the other one is starting it directly from
> a graphical display manager?
The session is started by GDM3, using the vanilla gnome-session scripts
(not the adapted ubuntu-session, also based on GNOME 3). The systemd
user unit file is copied from /usr/lib/systemd/user/gpg-agent.service
and the Upstart-specific "initctl" command line commented out.
The main difference I see here is that I have enabled the user unit by
symlinking from ~/.config/systemd/user/default.target.wants/, whereas
the Ubuntu package includes the symlink in
/usr/lib/systemd/user/graphical-session-pre.target.wants/.
acolomb at barnov:~$ systemctl --user status gpg-agent.service
Loaded: loaded (/home/acolomb/.config/systemd/user/gpg-agent.service;
enabled; vendor preset: enabled)
> do you have dbus-user-session installed? (it is recommended)
Yes.
(from your other message:)
> the systemd user service takes care of automatically launching the
> gpg-agent when the user connects to it via the ssh-agent protocol, so
> this isn't required when using systemd.
I can't see how it does that in my packaged Ubuntu version (2.1.15),
there is no gpg-agent.socket unit file anywhere?
Any other ideas on how to debug this? What logging should I enable for
gpg-agent and how?
Btw. it affects both my Yubikey as well as file-based authentication
subkeys, so not specific to scdaemon apparently.
Regards
André
--
Greetings...
From: André Colomb <andre at colomb.de>
More information about the Gnupg-users
mailing list