Bug#623539: Takes over GPG and SSH agents from gnupg-agent and ssh-agent

2017-08-09 Thread Tjeerd Pinkert 
Dear all,

I came across this issue after an update of the 8 series (jessie) with
backports. Seems to be introduced there (or maybe it was already present
and popped back up, I vaguely remember something in the past).

Most annoying is that none of the proposed solutions work. I'm usign the
MATE desktop, and somehow, although I completely removed the
/etc/xdg/autostart/gnome-keyring-gpg.desktop and -ssh equivalent, also
in the ~/.config folder, even while adding the --disable-gpg-agent to
the remaining gnome-keyring files, gnome-keyring keeps interfering. And
stubbornly loads the gpg and ssh parts.


remaining entries have the end of the file now as follows:
-
Exec=/usr/bin/gnome-keyring-daemon --start --components=secrets
--disable-gpg-agent
OnlyShowIn=GNOME;Unity;MATE;
X-GNOME-Autostart-Phase=Initialization
X-GNOME-AutoRestart=false
X-GNOME-Autostart-Notify=true
X-GNOME-Bugzilla-Bugzilla=GNOME
X-GNOME-Bugzilla-Product=gnome-keyring
X-GNOME-Bugzilla-Component=general
X-GNOME-Bugzilla-Version=3.14.0
-

GnuPG v 2.0.26-6+deb8u
gnome-keyring 3.14.0-1+b1
pinentry-gtk2 0.9.7-5~bpo8+1

Although the help option of gnome-keyring-daemon shows that the gpg and
ssh parts are optional, they simply load during session start (gdm3 as
display manager). I could not find any other places where the
gnome-keyring-daemon is configured, any hints are welcome.

-
Solution (not very handy though):
$ killall gnome-keyring-daemon

after the gnome-keyring has been killed pinentry takes over in
thunderbird + gnupg.


Best regards,


Tjeerd


On Fri, 11 Mar 2016 23:19:48 +0100 Luca Capello  wrote:
> block 623539 by 773304
> block 623539 by 760102
> affects 623539 + gnupg-agent
> affects 623539 + libpam-ssh
> user luca.cape...@infomaniak.com
> usertag 623539 + infomaniak.com-authentication
> thanks
> 
> Hi there!
> 
> On Fri, 22 Apr 2011 17:02:45 -0700, Josh Triplett wrote:
> > retitle 623539 Takes over GPG and SSH agents from gnupg-agent and ssh-agent
> 
> At least the GnuPG part of this bug has been fixed:
> 
> - upstream[1][2][3] since gnome-keyring_3.17.4 together with
>   pinentry_0.9.5 and gnupg_2.1.6
> 
> - in Debian[4] since gnome-keyring_3.16.0-3
> 
> [1] 
> [2] 
> [3] 
> 
> [4] 
> 
> This means that the bug should already been fixed in stretch
> (gnome-keyring_3.18.3-1, pinentry_0.9.7-5 and gnupg_2.1.11-6).
> 
> For jessie, you still need to avoid gnome-keyring-gpg and -ssh startup
> as explained in the README.Debian, either with 'Hidden=true' as
> explained on Simon Josefsson's blog[5] or, better, with (works on Ubuntu
> 14.04 as well, gnome-keyring_3.10.1-1ubuntu4):
> =
> $ mkdir -p ~/.config/autostart
> $ echo 'X-GNOME-Autostart-enabled=false' \
>   | cat /etc/xdg/autostart/gnome-keyring-gpg.desktop - \
>   >>~/.config/autostart/gnome-keyring-gpg.desktop
> $ echo 'X-GNOME-Autostart-enabled=false' \
>   | cat /etc/xdg/autostart/gnome-keyring-ssh.desktop - \
>   >>~/.config/autostart/gnome-keyring-ssh.desktop
> =
> 
> [5] 
> 
> Thx, bye,
> Gismo / Luca

-- 
graag antwoord via: t.j.pink...@alumnus.utwente.nl



T.J.Pinkert
---
Wij zijn per 1 april 2017 naar Duitsland verhuisd.
Omdat we eerst tijdelijk wonen de post graag naar:

Tjeerd Pinkert
Stegerensallee 43
7701 PK Dedemsvaart
The Netherlands

Ons nieuwe tijdelijke adres is (achternaam vermelden!):
Tjeerd Pinkert
Rheinring 4b
38120 Braunschweig
Germany

telefoonnummers:
vast: +49 531 50835195 (voorkeur)
mob: +49 1 5901154868 (voorkeur)
mob: +31 6 41924439



signature.asc
Description: OpenPGP digital signature

Bug#623539: Takes over GPG and SSH agents from gnupg-agent and ssh-agent

2016-03-11 Thread Luca Capello 
block 623539 by 773304
block 623539 by 760102
affects 623539 + gnupg-agent
affects 623539 + libpam-ssh
user luca.cape...@infomaniak.com
usertag 623539 + infomaniak.com-authentication
thanks

Hi there!

On Fri, 22 Apr 2011 17:02:45 -0700, Josh Triplett wrote:
> retitle 623539 Takes over GPG and SSH agents from gnupg-agent and ssh-agent

At least the GnuPG part of this bug has been fixed:

- upstream[1][2][3] since gnome-keyring_3.17.4 together with
  pinentry_0.9.5 and gnupg_2.1.6

- in Debian[4] since gnome-keyring_3.16.0-3

[1] 
[2] 
[3] 
[4] 

This means that the bug should already been fixed in stretch
(gnome-keyring_3.18.3-1, pinentry_0.9.7-5 and gnupg_2.1.11-6).

For jessie, you still need to avoid gnome-keyring-gpg and -ssh startup
as explained in the README.Debian, either with 'Hidden=true' as
explained on Simon Josefsson's blog[5] or, better, with (works on Ubuntu
14.04 as well, gnome-keyring_3.10.1-1ubuntu4):
=
$ mkdir -p ~/.config/autostart
$ echo 'X-GNOME-Autostart-enabled=false' \
  | cat /etc/xdg/autostart/gnome-keyring-gpg.desktop - \
  >>~/.config/autostart/gnome-keyring-gpg.desktop
$ echo 'X-GNOME-Autostart-enabled=false' \
  | cat /etc/xdg/autostart/gnome-keyring-ssh.desktop - \
  >>~/.config/autostart/gnome-keyring-ssh.desktop
=

[5] 

Thx, bye,
Gismo / Luca


signature.asc
Description: Digital signature

Bug#623539: Takes over GPG and SSH agents from gnupg-agent and ssh-agent

2011-04-22 Thread Josh Triplett 
reopen 623539
retitle 623539 Takes over GPG and SSH agents from gnupg-agent and ssh-agent
thanks

Thank you for adding documentation on how to manually disable
gnome-keyring's SSH and GPG agents.  (I just ran into the SSH agent
today; apparently gnome-keyring now ignores the previous
/apps/gnome-keyring/daemon-components/ssh gconf key.)  However, this
only fixes half of the reported bug.

I have libpam-ssh installed and configured.  libpam-ssh starts an
ssh-agent with my SSH key automatically unlocked via my login password.
gnome-keyring ignores the configured SSH agent, and starts one of its
own.  Similarly, gnome-keyring ignores my configured gpg-agent, and
starts a GPG agent of its own.  Please check if the session already has
a running GPG agent, and only run the corresponding gnome-keyring agent
if not present.  That way, if the user has gpg-agent or libpam-ssh or
similar installed, it will Just Work; if not, gnome-keyring can handle
that functionality.

- Josh Triplett



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org