Bug#835394: [pkg-gnupg-maint] Bug#835394: Bug#835394: Same issue here

2018-10-08 Thread Daniel Kahn Gillmor
On Sun 2018-10-07 19:46:38 +0200, Sofus Rose wrote:
> 0. systemd is set to a text startup target.
> 1. I login to a tty text console.
> 2. I run startx

I use this same workflow to start X11, and i don't have the problems
described.

> It may be worth noting that after my DE (Budgie) has started, I'm usually
> prompted to enter my password to unlock the login keychain.

what version of pinentry are you using?  do you have dbus-user-session
installed?

Regards,

--dkg



Bug#835394: [pkg-gnupg-maint] Bug#835394: Same issue here

2018-10-07 Thread Sofus Rose

Cheers,

I've been having the same issue, where I'm getting this error when ssh'ing
into just about anything:

sign_and_send_pubkey: signing failed: agent refused operation

I do indeed start up my graphical session in a non-standard way (for
unrelated reasons):

0. systemd is set to a text startup target.
1. I login to a tty text console.
2. I run startx

It may be worth noting that after my DE (Budgie) has started, I'm usually
prompted to enter my password to unlock the login keychain.

Like others in this thread have mentioned, running the following command
seems to fix everything until I shut down:

$ gpg-connect-agent updatestartuptty /bye

Some system info:
$ uname -a
Linux dawnrose 4.18.0-1-amd64 #1 SMP Debian 4.18.8-1 (2018-09-18) x86_64
GNU/Linux

Hope this can help!

Regards,
Sofus Rose


Bug#835394: [pkg-gnupg-maint] Bug#835394: Same issue here

2018-01-25 Thread Daniel Kahn Gillmor
On Thu 2018-01-25 22:53:18 +0100, Thomas Goirand wrote:
> so really, it looks like systemd is the badly configured thing here.

I don't see how systemd is "badly configured" -- the user service starts
up gpg-agent the first time it's needed.

gpg-agent itself invokes pinentry in order to talk to the user, so
pinentry needs to know some sort of environment information.

if you use pinentry-gnome3 (which is the preferred graphical pinentry)
it just needs to know the $DBUS_SESSION_BUS_ADDRESS, which should be
already available because the bus is already available at the time the
service is launched.  This will work whether you're running Wayland or
X11.

if you use pinentry-gtk2 or pinentry-qt within an X11 session, then
gpg-agent needs to know $DISPLAY and $XAUTHORITY so it can launch
pinentry.  These variables should be set into the systemd user service
activation environment when you log into a graphical session.  (i expect
"dbus-update-activation-environment --systemd DISPLAY XAUTHORITY" to be
invoked by however you start your X session -- if it's not happening,
that'd be good to know)

so as long as you don't try to use gpg-agent (either as ssh-agent or as
gpg-agent, or by explicitly "systemctl --user start gpg-agent.service")
before you've logged into your graphical user session, when gpg-agent is
launched, it will already know how to prompt you for a password for ssh,
and you shouldn't need to manually run workarounds like:

   gpg-connect-agent updatestartuptty /bye

If you can tell me how you start up your graphical session, maybe we can
track down the problem further.

Regards,

  --dkg
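
An added example, not part of the original message or of any Debian package: a check for the condition described above, reporting which variables a given pinentry needs that are absent from the systemd user activation environment. The function names and the two sample environments are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report which variables a pinentry
# flavour needs that are absent from the systemd user activation environment.

# Variables each pinentry needs, as stated in the message above.
required_vars() {
    case "$1" in
        pinentry-gnome3)           echo "DBUS_SESSION_BUS_ADDRESS" ;;
        pinentry-gtk2|pinentry-qt) echo "DISPLAY XAUTHORITY" ;;
        *)                         return 2 ;;
    esac
}

# missing_vars PINENTRY ENV_TEXT
# ENV_TEXT holds NAME=value lines, as printed by `systemctl --user show-environment`.
# Prints the required names that are unset or empty; returns 2 for an unknown pinentry.
missing_vars() {
    needed=$(required_vars "$1") || { echo "unknown pinentry: $1" >&2; return 2; }
    missing=""
    for name in $needed; do
        if ! printf '%s\n' "$2" | grep -q "^${name}=."; then
            missing="${missing:+$missing }$name"
        fi
    done
    printf '%s\n' "$missing"
}

# Constructed sample: user manager environment after a text-console login,
# before any graphical session has imported its variables.
SAMPLE_TTY_ENV='HOME=/home/user
XDG_RUNTIME_DIR=/run/user/1000
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus'

# Constructed sample: the same environment after the X session has run
# "dbus-update-activation-environment --systemd DISPLAY XAUTHORITY".
SAMPLE_X11_ENV="$SAMPLE_TTY_ENV
DISPLAY=:0
XAUTHORITY=/home/user/.Xauthority"

for p in pinentry-gnome3 pinentry-gtk2; do
    echo "$p, console login only: missing [$(missing_vars "$p" "$SAMPLE_TTY_ENV")]"
    echo "$p, after X import:     missing [$(missing_vars "$p" "$SAMPLE_X11_ENV")]"
done
```

On a live system, pass `"$(systemctl --user show-environment)"` as the second argument; a non-empty result for pinentry-gtk2 or pinentry-qt means the import quoted in the message has not happened in that session.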




Bug#835394: Same issue here

2018-01-25 Thread Thomas Goirand
Hi,

$work imposed using a yubikey on me for ssh auth. After a long painful
search on how to disable the gnome-keyring on mate, I finally had the
same issue as Ganneff, and it took me another long painful web search to
find out how to fix it. So I also have to do:

gpg-connect-agent updatestartuptty /bye

to get the gpg-agent to prompt for the yubikey pin to fetch the key. I
would very much like to find a fix for this, typing it on each new
session is very annoying. I'm guessing this isn't the fault of
gnupg-agent, but whoever is starting it using the --supervised option. A
quick ps auxf shows:

 /lib/systemd/systemd --user
  \_ (sd-pam)
  \_ /usr/bin/gpg-agent --supervised
  \_ scdaemon --multi-server

and pstree output is:

systemd─┬
├─systemd─┬─(sd-pam)
│ └─gpg-agent───scdaemon───2*[{pipe-connection}]

so really, it looks like systemd is the badly configured thing here.

Cheers,

Thomas Goirand (zigo)