On 08/09/17 04:44, Daniel Kahn Gillmor wrote: > > OK, the proposed fix is now part of the gnupg2 2.2.0-3 package, which > was just uploaded to unstable. >
Looks good. Thanks! > i was expecting to see it work if i log into a user account via ssh, on > a machine with libpam-systemd installed, and with that user's > ~/.gnupg/gpg-agent.conf having enable-ssh-support. > > However, it doesn't seem to work (the environment variable isn't set in > the new ssh session, despite ensuring that no other process was active > for that user before logging in), and i confess i don't know why -- > running /usr/lib/systemd/user-environment-generators/90gpg-agent by hand > produces the output i expect. > Just looked into this - the generator script is actually working properly, but the env vars it sets are not being inherited by your shell when you ssh in. It looks like this is the intended behaviour of openssh, which builds an bare-bones env [1] before invoking your shell with execve. If a user wants SSH_AUTH_SOCK to be set inside their ssh session, the easiest way is probably for them to copy the old Xsession.d script into their .bashrc or similar. --rufo [1] https://github.com/openssh/openssh-portable/blob/de4ae07f12dabf8815ecede54235fce5d22e3f63/session.c#L963
