[Touch-packages] [Bug 1997038] [NEW] gpg-agent-ssh is an unnecessary dependency of gnupg

Fri, 18 Nov 2022 06:31:35 -0800 

Public bug reported:

Installing gnupg will also install and depend on gpg-agent(-ssh) which
will replace ssh-agent.

This is bad due to the fact that gpg-agent-ssh takes an exclusive lock
on all smartcards incorrectly yet does not actually support neither PIV
or opensc-pkcs11 integration. Until gnupg/gpg-agent/scdaemon learns how
to behave or adds support for PIV, it's not a viable replacement and
should not be considered as such.

Meaning gpg-agent-ssh will be installed and break PIV-based SSH
authentication. gpg-agent-ssh should NOT be installed unless
specifically requested, the very least it should NOT be enabled in any
way unless explicitly requested. It's a boneheaded nuisance of a
dependency right now.

** Affects: gnupg (Ubuntu)
     Importance: Undecided
         Status: Confirmed

** Bug watch added: OpenSC Issues #953
   https://github.com/OpenSC/OpenSC/issues/953

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnupg in Ubuntu.
https://bugs.launchpad.net/bugs/1997038

Title:
  gpg-agent-ssh is an unnecessary dependency of gnupg

Status in gnupg package in Ubuntu:
  Confirmed

Bug description:
  Installing gnupg will also install and depend on gpg-agent(-ssh) which
  will replace ssh-agent.

  This is bad due to the fact that gpg-agent-ssh takes an exclusive lock
  on all smartcards incorrectly yet does not actually support neither
  PIV or opensc-pkcs11 integration. Until gnupg/gpg-agent/scdaemon
  learns how to behave or adds support for PIV, it's not a viable
  replacement and should not be considered as such.

  Meaning gpg-agent-ssh will be installed and break PIV-based SSH
  authentication. gpg-agent-ssh should NOT be installed unless
  specifically requested, the very least it should NOT be enabled in any
  way unless explicitly requested. It's a boneheaded nuisance of a
  dependency right now.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1997038/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to