Hi,

I am trying to use gpg-agent as a drop-in replacement for ssh-agent and I have an issue where I consistently have to kill & manually relaunch the agent upon every reboot because the agent initially refuses SSH support.

I have included more information on my environment & GPG versions below, but in brief it's Fedora 28 and GPG 2.2.8.

Here is my issue:

* I have enabled `enable-ssh-support` in .gnupg/gpg-agent.conf and added lines to my .bashrc to set GPG_TTY and start gpg agent upon login
* When I initially boot my system and log in to Gnome (Gnome3 with wayland) a gpg-agent process is started (I can see it in the process list - see initial ps output below)
* If I try to use the SSH function of the agent by SSHing into a machine then SSH reports "agent refused operation"
* If I kill and relaunch the agent through `gpgconf --kill gpg-agent && gpgconf --launch gpg-agent` then it starts working

Please can you help me troubleshoot / debug this issue:

0) Can you think of how this can happen?
1) How can I figure out what the configuration of the _running_ agent is to check if it's picked up the options?
2) How can I get the agent to log to a file (I tried setting debug / log file options in gpg-agent.conf but that seems to have no effect)

Please CC me in any responses.

Thanks a lot,
Alexander

*## Initial ps output*

alexander.hermes@dev28-wslpt ~ $ ps auxf | grep gpg-agent
alexand+ 2455 0.0 0.0 370644 644 ? Ss 08:48 0:00 gpg-agent --homedir /home/alexander.hermes/.gnupg --use-standard-socket --daemon

*## .gnupg/gpg-agent.conf*

###+++--- GPGConf ---+++###
enable-ssh-support
###+++--- GPGConf ---+++### Mon 01 Oct 2018 10:11:45 AM +08
# GPGConf edited this configuration file.
# It will disable options before this marked block, but it will
# never change anything below these lines.
debug-level expert
debug-all
verbose
log-file /var/log/gpg-agent

*## .bashrc gpg lines*

# Setup for GPG-agent
export GPG_TTY="$(tty)"
# Cf. https://wiki.archlinux.org/index.php/GnuPG#SSH_agent
unset SSH_AGENT_PID
if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then
  export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
fi
(... other stuff ...)
# Start gpg agent
gpgconf --launch gpg-agent

*## GPG2 info*

alexander.hermes@dev28-wslpt .gnupg $ gpg2 --version
gpg (GnuPG) 2.2.8
libgcrypt 1.8.3
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/alexander.hermes/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP

*## GPG-Agent info*

alexander.hermes@dev28-wslpt .gnupg $ gpg-agent --version
gpg-agent (GnuPG) 2.2.8
libgcrypt 1.8.3
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

*## Kernel info + OS*

Linux dev28-wslpt.grass.corp 4.17.14-202.fc28.x86_64 #1 SMP Wed Aug 15 12:29:25 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Fedora release 28 (Twenty Eight)