On 26/08/2019 01:26, Farhan Khan via Gnupg-users wrote: > I use gnupg to sign my git commits, but after a few hours of use I > have to restart gpg-agent. Before doing so, what I presume is > gpg-agent asks me to re-enter my password on a random terminal (but it > seems to drop characters and never works).
Ah yes, when I use the agent for SSH authentication and it picks the wrong terminal, if on that terminal bash is active, they seem to race for stdin. Some of the characters typed go to the pinentry, and some go to bash. The characters for bash are echoed to the screen. It's a great way to get part of your passphrase in .bash_history! :-D But for gpg, this should not happen. gpg will pass the terminal and/or the X display to the agent, which enables the agent to prompt on the correct terminal. You could try debugging the agent. If I add the following to my .gnupg/gpg-agent.conf: --8<---------------cut here---------------start------------->8--- debug ipc log-file agent.log --8<---------------cut here---------------end--------------->8--- and then issue "gpgconf --kill gpg-agent", the agent that will be subsequently started will log inter-process communication to the file agent.log in my homedir ($HOME, not $GNUPGHOME). There I can see a git commit signing passing the needed information: --8<---------------cut here---------------start------------->8--- 2019-08-28 12:17:46 gpg-agent[21792] DBG: chan_9 <- OPTION ttytype=screen.xterm-256color 2019-08-28 12:17:46 gpg-agent[21792] DBG: chan_9 -> OK 2019-08-28 12:17:46 gpg-agent[21792] DBG: chan_9 <- OPTION display=:0.0 2019-08-28 12:17:46 gpg-agent[21792] DBG: chan_9 -> OK 2019-08-28 12:17:46 gpg-agent[21792] DBG: chan_9 <- OPTION xauthority=/home/peter/.Xauthority 2019-08-28 12:17:46 gpg-agent[21792] DBG: chan_9 -> OK 2019-08-28 12:17:46 gpg-agent[21792] DBG: chan_9 <- OPTION putenv=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus 2019-08-28 12:17:46 gpg-agent[21792] DBG: chan_9 -> OK --8<---------------cut here---------------end--------------->8--- Is it perhaps possible that you run something which unsets environment variables crucial to passing the TTY information to the agent? Have a look at the debug log the moment you encounter the issue again, and compare the conversation with an earlier one that did work. > As a result, the git commit fails. I have to kill > gpg-agent and restart it as "gpg-agent --daemon", which then works. Killing the agent is fine. You shouldn't need to restart it; it is autostarted and in fact it might interfere with the proper functioning if you explicitly start it but with different options set than the autostart would do. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
