! Please note that this is a snapshot of our old Bugzilla server, which is read only since May 29, 2020. Please go to gitlab.xfce.org for our new server !
Add an option to pass --enable-ssh-support to gpg-agent
Status:
RESOLVED: MOVED
Priority:
Medium
Severity:
normal
Product:
Xfce4-session
Component:
General

Comments

Description Skunnyk 2015-01-08 23:54:27 CET 
Since http://git.xfce.org/xfce/xfce4-session/commit/?id=7892794fbf029a3b15d9e1320cf701bf0d31fd83 , gpg-agent is launched without the --enable-ssh-support option, unlike previous versions.

So I need to launch a xfconf-query to restore the previous behavior :
xfconf-query --create -c xfce4-session -p /startup/ssh-agent/type -t string -s gpg-agent

It would be cool to add a option to set it, for example in the Advanced tab in xfce4-session-settings, or document it :)
Comment 1 Eric Koegel editbugs 2015-02-15 13:12:22 CET 
The code portion isn't too hard but we'll need a decent UI for all the possible options. I added it to the design SIG since whatever I come up with will look terrible. https://wiki.xfce.org/design/xfce4-session/gpg-ssh-agents
Once there's an accepted mockup I'll happily get to work on implementing it!
Comment 2 Fab 2015-07-04 19:03:11 CEST 
Confirming ! After updating to xfce 4.12, I just spent two hours (!) to find this bug and to understand why gpg-agent was launched without ssh support. This made my day !!! :)
Comment 3 Yves-Alexis Perez editbugs 2015-07-04 22:56:31 CEST 
Why not just adding enable-ssh-support to .gnupg/gpg-agent.conf?
Comment 4 Fab 2015-07-05 01:07:16 CEST 
(In reply to Yves-Alexis Perez from comment #3)
> Why not just adding enable-ssh-support to .gnupg/gpg-agent.conf?

Are you talking to me ? (© :p)

If yes, the answer is : simply because it does not work.
I tried before finding this bug. I just re-tried, and :

> $ grep enable .gnupg/gpg-agent.conf 
> enable-ssh-support

(then restart the xfce session)

> $ ps x | egrep 'ssh-agent|gpg-agent'
> 26852 ?        Ss     0:00 /usr/bin/ssh-agent -s
> 26854 ?        Ss     0:00 /usr/bin/gpg-agent --sh --daemon --write-env-file /home/fab/.cache/gpg-agent-info
Comment 5 Yves-Alexis Perez editbugs 2015-07-05 10:32:55 CEST 
(In reply to Fab from comment #4)
> (In reply to Yves-Alexis Perez from comment #3)
> > Why not just adding enable-ssh-support to .gnupg/gpg-agent.conf?
> 
> Are you talking to me ? (© :p)

You and all people experiencing the problem.
> 
> If yes, the answer is : simply because it does not work.
> I tried before finding this bug. I just re-tried, and :
> 
> > $ grep enable .gnupg/gpg-agent.conf 
> > enable-ssh-support
> 
> (then restart the xfce session)
> 
> > $ ps x | egrep 'ssh-agent|gpg-agent'
> > 26852 ?        Ss     0:00 /usr/bin/ssh-agent -s
> > 26854 ?        Ss     0:00 /usr/bin/gpg-agent --sh --daemon --write-env-file /home/fab/.cache/gpg-agent-info

Well, gpg-agent.conf is a config file for gpg-agent, not for xfce4-session, so that's expected not to find the command line option. The whole point of the config file option is to *not* have to pass it on the command line. And it does work fine for me:

corsac    5806  0.0  0.0 238784  2252 ?        Ss   juil.03   0:03 gpg-agent --homedir /home/corsac/.gnupg --use-standard-socket --daemon

echo $SSH_AUTH_SOCK
/home/corsac/.gnupg/S.gpg-agent.ssh

Note that you /might/ be a victim of bug #12044 where xfce4-session startup code will fail to check that gpg-agent is currently running and run a new one, but failing to setup properly the GPG_AGENT_INFO variable. This happens with gpg-agent 2.1+.
Comment 6 Fab 2015-07-05 12:57:55 CEST 
(In reply to Yves-Alexis Perez from comment #5)
> Note that you /might/ be a victim of bug #12044 where xfce4-session startup
> code will fail to check that gpg-agent is currently running and run a new
> one, but failing to setup properly the GPG_AGENT_INFO variable. This happens
> with gpg-agent 2.1+.

I don't think so. I'm using gpg-agent from gnupg-2.0.26.


(In reply to Yves-Alexis Perez from comment #5)
> Well, gpg-agent.conf is a config file for gpg-agent, not for xfce4-session,
> so that's expected not to find the command line option.
I'm aware of this, but in this case, I don't understand your comment #3.
In my case, setting enable-ssh-support into .gnupg/gpg-agent.conf has no effect.
Note that in the manual page of gpg-agent, it's not written that gpg-agent recognizes this option from the config file. As far I  can see, it only recognizes the --enable-ssh-support command line option.

> The whole point of the config file option is to *not* have to pass it on
> the command line. And it does work fine for me:
> 
> corsac    5806  0.0  0.0 238784  2252 ?        Ss   juil.03   0:03 gpg-agent
> --homedir /home/corsac/.gnupg --use-standard-socket --daemon

Many questions : how do you start gpg-agent ? Is this xfce4-session who started it ? If yes, how do you set theses CLI options ? Why do you set « --homedir /home/corsac/.gnupg » since AFAIK it is the default ?


On my system, the only way I found to enable gpg-agent ssh support since xfce 4.12 is to run the xfconf-query command provided by the OP.
Comment 7 Yves-Alexis Perez editbugs 2015-07-05 14:40:41 CEST 
> (In reply to Yves-Alexis Perez from comment #5)
> > Well, gpg-agent.conf is a config file for gpg-agent, not for xfce4-session,
> > so that's expected not to find the command line option.
> I'm aware of this, but in this case, I don't understand your comment #3.
> In my case, setting enable-ssh-support into .gnupg/gpg-agent.conf has no
> effect.
> Note that in the manual page of gpg-agent, it's not written that gpg-agent
> recognizes this option from the config file. As far I  can see, it only
> recognizes the --enable-ssh-support command line option.
> 
> > The whole point of the config file option is to *not* have to pass it on
> > the command line. And it does work fine for me:
> > 
> > corsac    5806  0.0  0.0 238784  2252 ?        Ss   juil.03   0:03 gpg-agent
> > --homedir /home/corsac/.gnupg --use-standard-socket --daemon
> 
> Many questions : how do you start gpg-agent ? Is this xfce4-session who
> started it ? If yes, how do you set theses CLI options ? Why do you set «
> --homedir /home/corsac/.gnupg » since AFAIK it is the default ?

On Debian, it's started by /etc/X11/Xsession.d/90gpg-agent, provided by the gpg-agent package. But here it might actually have been started by gpg itself.
Comment 8 Git Bot editbugs 2020-05-26 00:46:46 CEST 
-- GitLab Migration Automatic Message --

This bug has been migrated to xfce.org's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.xfce.org/xfce/xfce4-session/-/issues/28.

Please create an account or use an existing account on one of our supported OAuth providers. 

If you want to fork to submit patches and merge requests please continue reading here: https://docs.xfce.org/contribute/dev/git/start#gitlab_forks_and_merge_requests

Also feel free to reach out to us on the mailing list https://mail.xfce.org/mailman/listinfo/xfce4-dev

Bug #11435

Reported by:
Skunnyk
Reported on: 2015-01-08
Last modified on: 2020-05-26

People

Assignee:
Xfce Bug Triage
CC List:
6 users

Version

Version:
Unspecified
Target Milestone:
Xfce 4.6

Attachments

Additional information