I have an account, bob, on a machine that is used for building rpms and then creating and signing a repository.
If I log in to the machine as bob via ssh and run

    $ gpg -a --detach-sign somedir/repodata/repomd.xml

then all is well.

As the bob account will be used by multiple people I want to block ssh logins for bob and have people log in via ssh with their own account and use 'su -' to become the user. This then leaves a trail in the log of who became bob when.

But, if I log in to the machine as myself, then do

    $ su - bob

Then run

    $ gpg -a --detach-sign somedir/repodata/repomd.xml

I get

    gpg: using PGP trust model
    gpg: key B97DE878: accepted as trusted key

    You need a passphrase to unlock the secret key for
    user: "Bob"
    4096-bit RSA key, ID B97DE878, created 2009-05-19

    can't connect to `/home/bob/.gnupg/S.gpg-agent': No such file or directory
    gpg: no running gpg-agent - starting one
    gpg-agent[29808]: command get_passphrase failed: Operation cancelled
    gpg: cancelled by user
    gpg: no default secret key: General error
    gpg: signing failed: General error

I'm never given a chance to enter the passphrase, gpg just declares failure and tells me I canceled the operation. Which I didn't.

I've compared the output of 'env' for both an ssh login session and 'su -' session and apart from a few variables relating to ssh, they're the same.

There must be something different about the sessions that explains why I'm never given a chance to enter the passphrase in the 'su -' session, but I'm at a loss as to what.

I did try searching the mailing lists and Google, but 'su' results in a huge amount of (at least seemingly) irrelevant hits, so I gave up fairly quickly!

Can anyone offer any insight in this issue?

thanks,

mike