Hello everyone,
What I want: I would like gpg-agent to only ask for gpg and ssh passphrases once per session, and work with git
Symptoms
using git with ssh and signed commits does prompt for passphrase, using the right pinentry configuration, and the commit sign and the push work
within the same session, doing a new commit or a new push asks for the passphrases again, as if there was no agent running
if I don't run echo UPDATESTARTUPTTY | gpg-connect-agent , I have sign_and_send_pubkey: signing failed: agent refused operation errors when trying to commit, and logs show failed to unprotect the secret key: Inappropriate ioctl for device arch linux errors
My config files
#~/.pam_environment
GSM_SKIP_SSH_AGENT_WORKAROUND DEFAULT=1 # this should disable gnome keyring, as per wiki instructions (and it works if I use ssh-agent)
SSH_AGENT_PID DEFAULT=
SSH_AUTH_SOCK DEFAULT="${XDG_RUNTIME_DIR}/gnupg/S.gpg-agent.ssh"
# ~/.config/systemd/user/gpg-agent.service
[Unit]
Description=GnuPG private key agent
IgnoreOnIsolate=true
[Service]
Type=forking
ExecStart=/usr/bin/gpg-agent --supervised
Restart=on-abort
[Install]
WantedBy=default.target
# ~/.gnupg/gpg-agent.conf
max-cache-ttl 60480000
default-cache-ttl 60480000
max-cache-ttl-ssh 60480000
default-cache-ttl-ssh 60480000
pinentry-program /usr/bin/pinentry-curses
enable-ssh-support
supervised
Logs and info
This sounds correct
$ echo $SSH_AUTH_SOCK
/run/user/1000/gnupg/S.gpg-agent.ssh
$ ssh-add -l
256 SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx jubijub@gmail.com (ED25519)
I have strange timeout issues in journalctl
Jun 16 16:54:37 fastlearner systemd[1095]: Starting GnuPG private key agent...
Jun 16 16:54:37 fastlearner gpg-agent[6044]: gpg-agent (GnuPG) 2.2.16 starting in supervised mode.
Jun 16 16:54:37 fastlearner gpg-agent[6044]: using fd 3 for std socket (/run/user/1000/gnupg/S.gpg-agent)
Jun 16 16:54:37 fastlearner gpg-agent[6044]: using fd 4 for browser socket (/run/user/1000/gnupg/S.gpg-agent.browser)
Jun 16 16:54:37 fastlearner gpg-agent[6044]: using fd 5 for ssh socket (/run/user/1000/gnupg/S.gpg-agent.ssh)
Jun 16 16:54:37 fastlearner gpg-agent[6044]: using fd 6 for extra socket (/run/user/1000/gnupg/S.gpg-agent.extra)
Jun 16 16:54:37 fastlearner gpg-agent[6044]: listening on: std=3 extra=6 browser=4 ssh=5
Jun 16 16:54:57 fastlearner tracker-store[5882]: OK
Jun 16 16:54:57 fastlearner systemd[1095]: tracker-store.service: Succeeded.
Jun 16 16:56:07 fastlearner systemd[1095]: gpg-agent.service: Start operation timed out. Terminating.
Jun 16 16:56:07 fastlearner systemd[1095]: gpg-agent.service: Failed with result 'timeout'.
Jun 16 16:56:07 fastlearner gpg-agent[6044]: SIGTERM received - shutting down ...
Jun 16 16:56:07 fastlearner gpg-agent[6044]: gpg-agent (GnuPG) 2.2.16 stopped
Jun 16 16:56:07 fastlearner systemd[1095]: Failed to start GnuPG private key agent.
Jun 16 16:57:09 fastlearner systemd[1095]: Starting GnuPG private key agent...
Jun 16 16:57:09 fastlearner gpg-agent[6712]: gpg-agent (GnuPG) 2.2.16 starting in supervised mode.
Jun 16 16:57:09 fastlearner gpg-agent[6712]: using fd 3 for std socket (/run/user/1000/gnupg/S.gpg-agent)
Jun 16 16:57:09 fastlearner gpg-agent[6712]: using fd 4 for browser socket (/run/user/1000/gnupg/S.gpg-agent.browser)
Jun 16 16:57:09 fastlearner gpg-agent[6712]: using fd 5 for ssh socket (/run/user/1000/gnupg/S.gpg-agent.ssh)
Jun 16 16:57:09 fastlearner gpg-agent[6712]: using fd 6 for extra socket (/run/user/1000/gnupg/S.gpg-agent.extra)
Jun 16 16:57:09 fastlearner gpg-agent[6712]: listening on: std=3 extra=6 browser=4 ssh=5
Jun 16 16:57:09 fastlearner dbus-daemon[1121]: [session uid=1000 pid=1121] Activating via systemd: service name='org.freedesktop.Tracker1' unit='tracker-store.service' requested by ':1.41' (uid=1000 pid=1341 comm>
Jun 16 16:57:09 fastlearner systemd[1095]: Starting Tracker metadata database store and lookup manager...
Jun 16 16:57:09 fastlearner dbus-daemon[1121]: [session uid=1000 pid=1121] Successfully activated service 'org.freedesktop.Tracker1'
Jun 16 16:57:09 fastlearner systemd[1095]: Started Tracker metadata database store and lookup manager.
Jun 16 16:57:39 fastlearner tracker-store[6719]: OK
Jun 16 16:57:39 fastlearner systemd[1095]: tracker-store.service: Succeeded.
Jun 16 16:58:39 fastlearner systemd[1095]: gpg-agent.service: Start operation timed out. Terminating.
Jun 16 16:58:39 fastlearner gpg-agent[6712]: SIGTERM received - shutting down ...
Jun 16 16:58:39 fastlearner gpg-agent[6712]: gpg-agent (GnuPG) 2.2.16 stopped
Jun 16 16:58:39 fastlearner systemd[1095]: gpg-agent.service: Failed with result 'timeout'.
Jun 16 16:58:39 fastlearner systemd[1095]: Failed to start GnuPG private key agent.
I am 100% sure gnome-keyring isn't interfering as I disabled it (see below what I have tried)
$ ps -e | grep gnome
723 tty1 00:00:00 gnome-session-b
755 tty1 00:00:03 gnome-shell
1105 ? 00:00:00 gnome-keyring-d
1123 tty2 00:00:00 gnome-session-b
1159 tty2 00:01:31 gnome-shell
5586 tty2 00:00:00 chrome-gnome-sh
What I tried
echo UPDATESTARTUPTTY | gpg-connect-agent ==> returns OK, but same issues are happening. This does fix the issue sign_and_send_pubkey: signing failed: agent refused operation
Starting the service with an ExecStart=/usr/bin/gpg-agent --daemon --enable-ssh-support --supervised ==> same issues
I am 100% sure I removed ssh-agent (disabled the service, removed the symlink in ~/.config/systemd/user/default.target.wants, .pam_environment now points to gpg-agent, and there is no ref to start ssh-agent in my .zshrc). I also did the cp /etc/xdg/autostart/gnome-keyring-ssh.desktop ~/.config/autostart/ && echo 'Hidden=true' >> ~/.config/autostart/gnome-keyring-ssh.desktop
Last edited by Jubijub (2019-06-16 16:36:44)
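An added example, not part of the original post: a small parser for journal lines in the format quoted above that measures how long each gpg-agent instance stayed alive and whether systemd's start timeout ended it. The function name, the `year` default (taken from the post's edit date) and the trimmed sample lines are assumptions made for this example.

```python
import re
from datetime import datetime

# Constructed sample: a trimmed copy of the journal lines quoted in the post.
SAMPLE = """\
Jun 16 16:54:37 fastlearner gpg-agent[6044]: gpg-agent (GnuPG) 2.2.16 starting in supervised mode.
Jun 16 16:54:37 fastlearner gpg-agent[6044]: listening on: std=3 extra=6 browser=4 ssh=5
Jun 16 16:56:07 fastlearner systemd[1095]: gpg-agent.service: Start operation timed out. Terminating.
Jun 16 16:56:07 fastlearner gpg-agent[6044]: SIGTERM received - shutting down ...
Jun 16 16:56:07 fastlearner gpg-agent[6044]: gpg-agent (GnuPG) 2.2.16 stopped
Jun 16 16:57:09 fastlearner gpg-agent[6712]: gpg-agent (GnuPG) 2.2.16 starting in supervised mode.
Jun 16 16:58:39 fastlearner systemd[1095]: gpg-agent.service: Start operation timed out. Terminating.
Jun 16 16:58:39 fastlearner gpg-agent[6712]: SIGTERM received - shutting down ...
Jun 16 16:58:39 fastlearner gpg-agent[6712]: gpg-agent (GnuPG) 2.2.16 stopped
"""

# timestamp, host, process name, pid, message (short-format journalctl output)
LINE = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) (\S+) ([\w.-]+)\[(\d+)\]: (.*)$")

def agent_lifetimes(journal_text, year=2019):
    """Return one dict per gpg-agent instance: pid, seconds alive, why it ended."""
    started, results, timeout_at = {}, [], None
    for raw in journal_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # wrapped or truncated journal lines are skipped
        stamp, _host, proc, pid, msg = m.groups()
        # Journal short format has no year; it is supplied by the caller.
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        if proc == "systemd" and "gpg-agent.service: Start operation timed out" in msg:
            timeout_at = when
        elif proc == "gpg-agent" and "starting in supervised mode" in msg:
            started[pid] = when
        elif proc == "gpg-agent" and msg.endswith("stopped") and pid in started:
            begin = started.pop(pid)
            # Blame systemd if a start timeout was logged while this pid was alive.
            by_timeout = timeout_at is not None and begin <= timeout_at <= when
            results.append({"pid": int(pid),
                            "alive_s": int((when - begin).total_seconds()),
                            "reason": "systemd start timeout" if by_timeout else "other"})
    for pid in started:  # agents that never logged a stop
        results.append({"pid": int(pid), "alive_s": None, "reason": "still running"})
    return results

if __name__ == "__main__":
    for run in agent_lifetimes(SAMPLE):
        print(run)
```

On the quoted log both instances live exactly 90 seconds, which is systemd's default start timeout, and gpg-agent holds cached passphrases only in memory, so each termination empties the cache. A `Type=forking` unit counts as started only once the launched process forks and exits, while `gpg-agent --supervised` stays in the foreground.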