El día jueves, mayo 02, 2024 a las 08:17:58 +0200, Werner Koch via Gnupg-users escribió:
> ... > On Linux take care to add "enable-ssh-support" to gpg-agent.conf because > on some distros the X config greps for this to decide whether to start > the ssh-agent or leave this to gpg-agent. Technically the ssh support is > always enabled and thus the option is not really required. I have this working now already up the point that ssh asks the gpg-agent to unlock the card and ask for the PIN to do so. But this is failing because gpg-agent uses: $ grep pinentry agent.tr 4692 execve("/usr/bin/pinentry", ["pinentry", "--display", ":0"], 0xffffa8004be0 /* 41 vars */) = 0 which fails with an unsupported ioctl to fd=0 while a command 'gpg -d foo.asc' works fine, and here gpg-agent uses $ grep pinentry agent-gpg.tr 4997 read(10, "OPTION allow-pinentry-notify\n", 1002) = 29 4997 write(7, "chan_10 <- OPTION allow-pinentry"..., 40) = 40 5001 execve("/usr/bin/pinentry", ["pinentry"], 0xffffa80016d0 /* 41 vars */) = 0 i.e. the pinentry command without --display ... my config file for gpg-agent look as: $ cat .gnupg/gpg-agent.conf enable-ssh-support debug-pinentry debug ipc log-file /tmp/gpg-agent-debug.log max-cache-ttl 1 # pinentry-program /usr/bin/pinentry I tried to play with the config value of pinentry-program without luck. The environment of the gpg-agent contains: GNUPGHOME=/home/purism/.gnupg GPG_TTY=not a tty Any idea how to get gpg-agent asking correctly for the PIN? matthias -- Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub I am not at war with Russia. Я не воюю с Россией. Ich bin nicht im Krieg mit Russland. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users