Hello,
I have struggled with getting GPG keys to work for SSH authentication
for the better part of two days. I'm almost completely there, and would
like to ask gnupg-users' help in understanding this one last quirk.
To be brief, I have gpg-agent set up with ssh support enabled. I'm using an
aut
On 30/06/17 05:54, Ryan Lue wrote:
> Does it have something to do with the `$GPG_TTY` environment variable
> not being set on the SSH server?
Almost; it has to do with the GPG_TTY variable not being communicated to
the agent. The agent does not know on which tty the request for a
pinentry is made
On Fri, 30 Jun 2017 at 18:29:41 +0200, Peter Lebbing wrote:
> It would be really good if the SSH agent protocol would be extended to
> communicate on which tty a request comes in. Without updates to the SSH
> protocol, there is simply no way to know where it comes from.
I also hope some day this w
Hi Ryan--
On Fri 2017-06-30 11:54:46 +0800, Ryan Lue wrote:
> But for some reason, it just doesn't work with `pinentry-curses`: SSH
> (GPG) key authentication fails silently, and the server falls back to
> password authentication. (I have made sure to set `$GPG_TTY`, so
> `pinentry-curses` works j
Hi Daniel,
Yes, thanks, this absolutely did it! Sorry for not responding earlier —
I had intended to write a follow-up blog post that addressed this
question, along with that of forwarding the gpg-agent socket over SSH
with `ssh -R` (so that you can use your local machine's GPG private keys
in a r
> However, I think many people work around this problem by a) using a
> graphical pinentry and b) using a single graphical session. As long as
> one also refrains from SSH'ing from a remote terminal, with the
> combination, you've circumvented the problem by just using the
> effectively singleton g
On 13/07/17 09:29, Ryan Lue wrote:
> 1) I keep my dotfiles synced between multiple machines, and so try my
>best to keep them platform-agnostic when I can. There are definitely
>times when I can use conditionals to get different behavior on
>different machines (like `if [ "$(uname)" = D
