On 2015-12-02 14:26, NIIBE Yutaka wrote:
On 2015-12-02 at 12:36 +0100, the...@otpme.org wrote:
here is the output for a failed session and a working one (with
openssh
6.7p1).
Both times i started two ssh sessions, keeping the first one open.
Thank you very much.
No problem. I'm glad to help out and probably get a fix for this
annoying issue. :)
Failed
gpg-agent.log - http://paste.ubuntu.com/13620856/
There are three connections from SSH:
(1) handler 0x557c807ec310 for fd 8
(2) handler 0x557c807eebb0 for fd 10
(3) handler 0x557c807eeb80 for fd 10 (fd 10 re-used)
token removed
|
v
(1) ------------------>
(2)-->
(3)------>
******---- conflicting use
scd.log - http://paste.ubuntu.com/13620863/
There are two connections from gpg-agent:
(a) chan_7 from (1)
(b) chan_9 from (3)
token removed
|
v
(a) ------------------>
(b)------>
******---- conflicting use
The connection from SSH remains in gpg-agent by some reason. This is
the reason why the connection from gpg-agent remains in Scdaemon,
which results conflicting use.
Anyway, when Scdaemon detects card/token removal, it could finish
existing connection(s). I'll consider fixing this.
Sounds good. Should i open a bug report for this?
I don't know the exact reason why connection from SSH remains, though.
I am unsure if it is yubikey specific but as it is working with older
openssh versions i guess its some bug thats related to any openssh
changes.
From the logs, I don't think it's yubikey specific.
If you say that this is not a gnupg issue i'll ask the yubico folks.
But it would be really great to get any hint what could be the
problem
from someone who is familiar with the technical details. :)
This is GnuPG issue, specifically, Scdaemon issue.
Is there any workaround we can apply to fix this issue? Currently i am
using a self compiled ssh client binary of openssh 6.7p1 as workaround.
Thanks a lot for your help.
Regards
the2nd
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
