Hi, It is a followup for Linux Arch bug https://bugs.archlinux.org/task/40552
At Linux Arch we have gnupg 2.0.23 and found that gpg-agent does not handle private ecdsa keys correctly. rsa works fine. Here is how it looks: [anatol@foo ~]$ eval $(gpg-agent --daemon --enable-ssh-support) GPG_AGENT_INFO=/tmp/gpg-i3poXG/S.gpg-agent:20508:1; export GPG_AGENT_INFO; SSH_AUTH_SOCK=/tmp/gpg-xJfp79/S.gpg-agent.ssh; export SSH_AUTH_SOCK; SSH_AGENT_PID=20508; export SSH_AGENT_PID; [anatol@foo ~]$ ssh-add ~/.ssh/id_rsa Identity added: /home/anatol/.ssh/id_rsa (/home/anatol/.ssh/id_rsa) [anatol@foo ~]$ ssh-add ~/.ssh/id_ecdsa Enter passphrase for /home/anatol/.ssh/id_ecdsa: SSH_AGENT_FAILURE Could not add identity: /home/anatol/.ssh/id_ecdsa Our users claim that this stated since libgcrypt 1.6.0 update. With libgcrypt 1.5+ gpg-agent worked without a problem. Some people tried to build gnupg from 'master' branch (i.e. 2.1-beta) and found it works fine with libgcrypt 1.6+. This makes us believe that the problem is in gnupg<->libgcrypt integration. Looking at 'master' branch I see this commit http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=21dab64030c95a909767bf6d8f99e8476f9df8a2 that fixes ECC for libgcrypt 1.6. gnupg developers, do you think that it could be the reason of the problem we see? Do you plan to backport it to 2.0-stable branch? It would be great to have ECC back in the stable release. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
