Hi Mark-- On Mon 2017-02-06 08:35:47 -0500, Mark Brown <broo...@debian.org> wrote: > I've got: > > SSH_AUTH_SOCK=/run/user/1000/gnupg/S.gpg-agent > > (this is manually forced since gnome-keyring appears to be managing to > force itself as the SSH agent, I've filed a separate bug about that).
This isn't gpg-agent's ssh authentication socket. You're trying to talk
to the normal gpg-agent socket, which likes to respond with "OK Pleased
to meet you" -- definitely not valid ssh-agent communication :)
Please try it with:
SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
instead. Or, place "enable-ssh-support" in ~/.gnupg/gpg-agent.conf and
let /etc/X11/Xsession.d/90gpg-agent set that variable for you.
> When I try to list keys I get:
>
> $ ssh-add -L
> error fetching identities for protocol 2: invalid format
> The agent has no identities.
>
> Similarly attempting to SSH result in:
>
> debug1: pubkey_prepare: ssh_fetch_identitylist: invalid format
>
> in the SSH verbose output. If I manually disable all the systemd based
> activation and start gpg-agent from the command line with --daemon then
> the problem is resolved and I can happily authenticate.
using the same $SSH_AUTH_SOCK? I'd be very surprised at this!!
> Severity important since this is preventing me logging into remote
> systems (including in my case kernel.org which is preventing me doing
> upstream kernel work right now).
Please let me know if using the ssh socket works for you.
Thanks,
--dkg
signature.asc
Description: PGP signature
