Bug#834368: [pkg-gnupg-maint] Bug#834368: gnupg: update to gnupg2 broke gpg-agent autostart

2016-08-16 Thread Werner Koch 
On Mon, 15 Aug 2016 15:40, nome...@debian.org said:

> I did not further debug it, but one guess is that there is no DISPLAY
> variable set, so pinentry fails?

That might be the case; I can't tell for sure because I am not not
running systemd.  However

  gpg-connect-agent updatestartuptty /bye

will set the DISPLAY to the current value.  I use that command after
switching to a different xserver (e.g. from laptop to desktop).

With gpg there is no need for this as gpg tells gpg-agent about the
DISPLAY and some other vars.  the ssh-agent protocols has no such
feature (volunteers to work on this welcome).


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
 /* Join us at OpenPGP.conf   */

Bug#834368: gnupg: update to gnupg2 broke gpg-agent autostart

2016-08-15 Thread Norbert Preining 
On Mon, 15 Aug 2016, Joachim Breitner wrote:
> I stumbled over the same problem. I tried to fix this using
> $ systemctl --user enable gpg-agent
> and
> $ systemctl --user start gpg-agent
> and indeed it would start the gpg-agent, but using it failed with

I used
gpgconf --launch gpg-agent
manually and that works.

But it still has problems. Often it cannot sign with my keys on
the external dongle and I need to remove and reinsert the
key.

It seems that some auto-sleep or auto-terminate rubbish terminates
the connection from the key.

Norbert

--
PREINING Norbert + TeX Live & Debian Developer + http://www.preining.info
GPG: 0x860CDC13fp: F7D8 A928 26E3 16A1 9FA0  ACF0 6CAC A448 860C DC13

Bug#834368: gnupg: update to gnupg2 broke gpg-agent autostart

2016-08-15 Thread Joachim Breitner 
Hi,

On Mon, 15 Aug 2016 07:57:43 +0900 Norbert Preining 
wrote:
> Do you have any idea on how to fix this complete misbehaviour?

I stumbled over the same problem. I tried to fix this using
$ systemctl --user enable gpg-agent
and
$ systemctl --user start gpg-agent
and indeed it would start the gpg-agent, but using it failed with

sign_and_send_pubkey: signing failed: agent refused operation

I did not further debug it, but one guess is that there is no DISPLAY
variable set, so pinentry fails?

Then I found in gpg-agent(1) an entry that says

In  case  you want to use the included Secure Shell Agent you may
start the agent using:

 gpg-connect-agent /bye

So I added that to my session file, but I’m not sure if it is the right
way of doing it.

Greetings,
Joachim


-- 
Joachim “nomeata” Breitner
Debian Developer
  nome...@debian.org • https://people.debian.org/~nomeata
  XMPP: nome...@joachim-breitner.de • GPG-Key: 0xF0FBF51F
  https://www.joachim-breitner.de/

signature.asc
Description: This is a digitally signed message part

Bug#834368: gnupg: update to gnupg2 broke gpg-agent autostart

2016-08-14 Thread Norbert Preining 
Package: gnupg
Version: 2.1.14-5
Severity: serious
Justification: breaks unrelated software

Dear all,

I am relying heavily on gpg-agent to provide ssh keys from my
hardware token.

This worked without too many problems with the previous
/etc/X11/Xsession.d/90gpg-agent
With the update to 2.1 this file has changed considerable and 
states now that
# On systems with systemd running, we expect the agent to be launched
# via systemd's user mode (see /usr/lib/systemd/user/gpg-agent.service
# and systemd.unit(5)).  This allows systemd to clean up the agent
# automatically at logout.

Well, I have systemd running, and now I have *neither* ssh-agent
nor gpg-agent running, having a hard time logging into servers
where the only authentication method is by keys, and I need the
hardware dongle key.

Do you have any idea on how to fix this complete misbehaviour?

Thanks

Norbert


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.0 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnupg depends on:
ii  gnupg-agent2.1.14-5
ii  libassuan0 2.4.3-1
ii  libbz2-1.0 1.0.6-8
ii  libc6  2.23-4
ii  libgcrypt201.7.2-2
ii  libgpg-error0  1.24-1
ii  libksba8   1.3.4-4
ii  libreadline6   6.3-8+b4
ii  libsqlite3-0   3.14.0-1
ii  zlib1g 1:1.2.8.dfsg-2+b1

Versions of packages gnupg recommends:
ii  dirmngr 2.1.14-5
ii  gnupg-l10n  2.1.14-5

Versions of packages gnupg suggests:
pn  parcimonie  
ii  xloadimage  4.1-23+b2

-- no debconf information