On 28/04/2016, Peter Lebbing wrote: > On 28/04/16 02:23, NIIBE Yutaka wrote: > > In my environment of Debian, those variables are set by: > > /etc/X11/Xsession.d/90gpg-agent > > After I installed GnuPG 2.1 on my Debian Jessie (which doesn't have 2.1 > itself), I encountered annoying issues. I also use smartcards, for SSH > auth as well. I got it to run much smoother by editing this file to be > the attached file. It did have a gotcha: if there isn't an agent > running, you have to do something like: > > $ gpg-connect-agent /bye > > before you can do SSH auth. Note that the agent survives a logout/login. > > I got the impression that the explicit starting of the daemon in the > startup script somehow messed something up. But I had some trouble > pinning down the exact problem, and since it now works in a way that > works for me, I left it at this.
Yes, In 2.1 you are not supposed to start the gpg-agent on login, it starts automatically on demand. If you start it like in <2.0 you will not be able to connect to it. But ssh needs that, that is documented here https://www.gnupg.org/documentation/manuals/gnupg/Invoking-GPG_002dAGENT.html#Invoking-GPG_002dAGENT > Perhaps you could just add the gpg-connect-agent call to the > if-ssh-support conditional, and it would be purrfect. I will try that > now and see if everything stays peachy. At least in debian's default version, that is already in /etc/X11/XSession.d/90gpg-agent. But i kind of think that's responsability of the package mantainer and not gnupg upstream. Salud, g. > HTH, > > Peter. > > -- > I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. > You can send me encrypted mail if you want some privacy. > My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> > : ${GNUPGHOME=$HOME/.gnupg} > > if grep -qs '^[[:space:]]*enable-ssh-support' "${GNUPGHOME}/gpg-agent.conf"; > then > SSH_AUTH_SOCK="${GNUPGHOME}/S.gpg-agent.ssh" > export SSH_AUTH_SOCK > fi > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
