Your message dated Mon, 13 Feb 2017 15:18:52 +0000
with message-id <[email protected]>
and subject line Bug#854005: fixed in gnupg2 2.1.18-5
has caused the Debian Bug report #854005,
regarding ssh-agent no longer works
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
854005: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854005
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: gnupg-agent
Version: 2.1.18-3
Severity: normal
Hi,
Since a recent upgrade, gnupg-agent no longer finds the authentication
(SSH) key on my OpenPGP smartcard:
wouter@gangtai:~$ gpg --card-status
Reader ...........: ACS ACR38U 00 00
Application ID ...: D2760001240102010005000047360000
Version ..........: 2.1
Manufacturer .....: ZeitControl
Serial number ....: 00004736
Name of cardholder: Wouter Verhelst
Language prefs ...: nl
Sex ..............: male
URL of public key :
http://pgp.surfnet.nl:11371/pks/lookup?op=get&search=0x9B69FDF3F0DA0948066129F72DFC519954181296
Login data .......: [not set]
Signature PIN ....: forced
Max. PIN lengths .: 32 32 32
PIN retry counter : 3 0 3
Signature counter : 116
Signature key ....: 9B69 FDF3 F0DA 0948 0661 29F7 2DFC 5199 5418 1296
created ....: 2016-04-11 11:46:27
Encryption key....: B057 2256 DD3D 8275 A1F2 3015 EBC4 535B 0557 DB14
created ....: 2016-04-11 11:46:27
Authentication key: B7D1 52E7 6233 6135 DBEF 6435 965E 159D 1F28 844B
created ....: 2016-04-11 11:46:27
General key info..: pub rsa4096/2DFC519954181296 2016-04-11 Wouter
Verhelst <[email protected]>
sec> rsa4096/2DFC519954181296 created: 2016-04-11 expires: never
card-no: 0005 00004736
ssb> rsa4096/965E159D1F28844B created: 2016-04-11 expires: never
card-no: 0005 00004736
ssb> rsa4096/EBC4535B0557DB14 created: 2016-04-11 expires: never
card-no: 0005 00004736
wouter@gangtai:~$ echo "foo bar" | gpg -r 54181296 -e | gpg
gpg: please do a --check-trustdb
gpg: 54181296: skipped: public key already present
gpg: encrypted with 4096-bit RSA key, ID EBC4535B0557DB14, created
2016-04-11
"Wouter Verhelst <[email protected]>"
foo bar
wouter@gangtai:~$ echo $SSH_AUTH_SOCK
/run/user/1000/gnupg/S.gpg-agent.ssh
wouter@gangtai:~$ ssh-add -l
The agent has no identities.
The interesting part of the above is that the last command (the "ssh-add
-l" bit) actually reads from the card (I can see the cardreader LED
flash). It just doesn't find anything.
Note: I removed the "90gpg-agent" file from Xsession.d, since it messes
up some other SSH key setup that I have, very much in the same way that
gnome-keyring messes up gpg-agent. With the previous version of
gpg-agent, it was enough to just run "gpg --card-status" to start the
agent and make the ssh key stuff work.
Having to fight with all of that is pretty ironic, given that ssh-agent
actually supports external modules through PKCS#11. Ah well.
-- System Information:
Debian Release: 9.0
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unreleased'), (500, 'unstable'),
(500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, m68k, arm64
Kernel: Linux 4.9.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=nl_BE.UTF-8, LC_CTYPE=nl_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages gnupg-agent depends on:
ii libassuan0 2.4.3-2
ii libc6 2.24-9
ii libgcrypt20 1.7.6-1
ii libgpg-error0 1.26-2
ii libnpth0 1.3-1
ii libreadline7 7.0-2
ii pinentry-curses [pinentry] 1.0.0-1
ii pinentry-gnome3 [pinentry] 1.0.0-1
Versions of packages gnupg-agent recommends:
ii gnupg 2.1.18-3
Versions of packages gnupg-agent suggests:
ii dbus-user-session 1.10.14-1
ii libpam-systemd 232-15
ii pinentry-gnome3 1.0.0-1
ii scdaemon 2.1.18-3
-- Configuration Files:
/etc/X11/Xsession.d/90gpg-agent changed:
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: gnupg2
Source-Version: 2.1.18-5
We believe that the bug you reported is fixed in the latest version of
gnupg2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Kahn Gillmor <[email protected]> (supplier of updated gnupg2
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 13 Feb 2017 09:15:07 -0500
Source: gnupg2
Binary: gnupg-agent scdaemon gpgsm gnupg gnupg2 gpgv gpgv2 dirmngr gpgv-udeb
gpgv-static gpgv-win32 gnupg-l10n
Architecture: source
Version: 2.1.18-5
Distribution: unstable
Urgency: medium
Maintainer: Debian GnuPG Maintainers <[email protected]>
Changed-By: Daniel Kahn Gillmor <[email protected]>
Description:
dirmngr - GNU privacy guard - network certificate management service
gnupg - GNU privacy guard - a free PGP replacement
gnupg-agent - GNU privacy guard - cryptographic agent
gnupg-l10n - GNU privacy guard - localization files
gnupg2 - GNU privacy guard - a free PGP replacement (dummy transitional pa
gpgsm - GNU privacy guard - S/MIME version
gpgv - GNU privacy guard - signature verification tool
gpgv-static - minimal signature verification tool (static build)
gpgv-udeb - minimal signature verification tool (udeb)
gpgv-win32 - GNU privacy guard - signature verification tool (win32 build)
gpgv2 - GNU privacy guard - signature verification tool (dummy transition
scdaemon - GNU privacy guard - smart card support
Closes: 648331 734889 852702 854005 854595 854616
Changes:
gnupg2 (2.1.18-5) unstable; urgency=medium
.
[ Daniel Kahn Gillmor ]
* Xsession.d/90gpg-agent: use simpler and more direct gpgconf
invocations for socket names.
.
[ NIIBE Yutaka ]
* scdaemon.udev: Add Yubikey and Nitrokey (Closes: #648331, 734889).
* scdaemon fix for PC/SC (Closes: #852702, #854005, #854595, #854616).
Checksums-Sha1:
7107ae53a9a7b92c96abd2189b34a0d9cd1fba99 3148 gnupg2_2.1.18-5.dsc
b31b7f97466e99c49c4eb9320b6df12d32d87e78 67321 gnupg2_2.1.18-5.debian.tar.bz2
a1c521fc8bf43272c59490065eef86cecf06821d 9975 gnupg2_2.1.18-5_source.buildinfo
Checksums-Sha256:
8eb4d1d8bb97ac770e8f50e558046981fd6f1fea169ae5e74ac959a6d033a35d 3148
gnupg2_2.1.18-5.dsc
e6dbc03c9a163baff078a47b0f7c023d8b830f80bf6ae486e6a580fbdb71d9c2 67321
gnupg2_2.1.18-5.debian.tar.bz2
e24155aeaccd93a834ace33df252d57538679afff471235bb770af4140365ec8 9975
gnupg2_2.1.18-5_source.buildinfo
Files:
cffe62364ca47384f8347317a5d1a673 3148 utils optional gnupg2_2.1.18-5.dsc
950b349fb8ed2ee14a00155da3ae2650 67321 utils optional
gnupg2_2.1.18-5.debian.tar.bz2
f39a698baf6d532deab22cb867f3a4b3 9975 utils optional
gnupg2_2.1.18-5_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJKBAEBCgA0FiEEOCdgUepHf6PklTkyFJitxsGSMjcFAlihyfYWHGRrZ0BmaWZ0
aGhvcnNlbWFuLm5ldAAKCRAUmK3GwZIyN9UvD/0aFI/Jphk4kTyJC/bx5G7vcgpu
pPCrtlb5/FDvko1XJUMohcS8dFuMf7PPHpQZH31kjqawbQMSzVYhXy9wZL6r+hrg
xz68kJ1CgCTFO/HB+h1dTLASt4OuVGfKGpkuueXenR3kCY7Ghx8H6YOlhYRMtVT6
yWhdpGKHIvR82sCLN61iqMut3NTh47MB1QUmWd1zQPNoGPWLBK2dt7hNvqQWvFZ4
XXsGkjk6LQrZegX4JIrAEjsqIjXQlKJhOWnCA4+86EIVbjnUaYjZKX7q2dHOG21Y
DxT6rn4qx9PCMTR5krJPht4R1hbc6C0aZT4y3I6Cp53FS3uZGD84YxGYND9v5WSb
auu5FGwE0xN+RAbHOVTxh0lIuySJJTkIdX78kqsnuaSaNkXCfgiNo3xacs9uY+9d
TYKg17ouRsbnETkVqpDngTaaaY9pK6ajk/u3uyA3znEWp870ww/7gvrMjCl1gkfP
hinmFseLTKOvHQFlDAZb6HTj/V7SXqSr25hMpSoWNXC8ylypfh90fnDD+YNpFXMm
VND3eZTNtW/EEQTxiWVbDrWXFoIrFTioRHLlbH4rC3dkJ0RjxeMiKcKPzrap/5ht
6vu/nqkBgltt/8UPIctb+6Qe5czMFDJj8T+B/m3+sarCzjd4njHcn0Og4H4flvqY
M07IRiEkzX00kH824A==
=fpGR
-----END PGP SIGNATURE-----
--- End Message ---
