! Please note that this is a snapshot of our old Bugzilla server, which is read only since May 29, 2020. Please go to gitlab.xfce.org for our new server !
Thunar + gpg-agent + ssh-agent: GnuPG keys aren't used
Status:
RESOLVED: INVALID

Comments

Description Alexander Kurakin 2020-04-25 14:21:07 CEST
I now it's not a forum but I haven't got answer there: https://forum.xfce.org/viewtopic.php?pid=57720
Maybe, it's an unimplemented feature or a buggy behavior?

My gpg-agent is started with 'enable-ssh-agent' option.

And 'ssh' command uses GnuPG keys to login to hosts.

But Thunar (SFTP) doesn't use them. How do I solve it?

NB: Don't confuse GnuPG and SSH keys. This issue about the first.
Comment 1 alexxcons editbugs 2020-04-26 01:12:23 CEST
Thunar uses gvfs to setup remote connections. So probably a gvfs bug (or missing feature)
As well nautilus uses gvfs .. .could you please check if the bug as well occurs there ?
Comment 2 Theo Linkspfeifer editbugs 2020-04-26 12:10:15 CEST
Does this work?

export GVFS_DEBUG=1 GVFS_DEBUG_FUSE=1
killall gvfsd
gio mount sftp://
Comment 3 Alexander Kurakin 2020-04-26 14:15:44 CEST
This scenario *doesn't* use GnuPG keys:

pkill -f gvfsd
gio mount sftp://host

But this *DOES*:

pkill gvfsd
/usr/libexec/gvfsd  # in another terminal
gio mount sftp://host

?!

Thanks!
Comment 4 Theo Linkspfeifer editbugs 2020-04-27 10:54:03 CEST
Then this is likely related to bug 13486.
Comment 5 Alexander Kurakin 2020-04-27 11:38:02 CEST
(In reply to Theo Linkspfeifer from comment #4)
> Then this is likely related to bug 13486.

Well, maybe. But how do I use it? SSH_AUTH_SOCK is exported. My Gentoo uses OpenRC.

Tried

    SSH_AUTH_SOCK="/run/user/1000/gnupg/S.gpg-agent.ssh" G_DBUS_DEBUG=all gio mount --detail sftp://mmr | grep -i -- 'ssh\|gpg\|gnupg\|gvfs'

(and 'grep dbus', also) but see nothing special...
Comment 6 Theo Linkspfeifer editbugs 2020-04-27 12:00:18 CEST
The problem is that SSH_AUTH_SOCK is exported/imported after the launch of gvfsd. If you check the environment variables of the gvfsd process, you will see that SSH_AUTH_SOCK is not set.
Comment 7 Alexander Kurakin 2020-04-27 12:11:55 CEST
(In reply to Theo Linkspfeifer from comment #6)
> The problem is that SSH_AUTH_SOCK is exported/imported after the launch of gvfsd.

In this scenario?

pkill -f gvfsd
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
gio mount sftp://host

Why? Does gio starts gvfsd, doesn't it?

(In reply to Theo Linkspfeifer from comment #6)
> If you check the environment variables of the gvfsd process, you will see that SSH_AUTH_SOCK is not set.

But yes, all of

tr '\0' '\n' < /proc/<pid>/environ | grep SSH

where <pid> is every from

pgrep -f gvfsd

output nothing. Why?
Comment 8 Theo Linkspfeifer editbugs 2020-04-27 12:35:40 CEST
> In this scenario?
That was meant for the initial launch of gvfsd (triggered by Thunar --daemon ?) on session start.

> But yes, all of ... output nothing. Why?
Bug 13486 addressed this issue, but maybe the fix is incomplete or something.
Comment 9 Alexander Kurakin 2020-04-29 17:49:46 CEST
Oh, no...

tr '\0' '\n' < /proc/<pid>/environ | grep SSH

outputs correct values. Sorry, I don't know what might changed.
Comment 10 Theo Linkspfeifer editbugs 2020-05-08 12:04:47 CEST
So, this is not a bug in the Thunar code. I suggest that we move it somewhere else or close it.
Comment 11 Alexander Kurakin 2020-05-08 12:07:11 CEST
Well, GNOME Mailing Lists ignore me.

Feel free to close.
Comment 12 alexxcons editbugs 2020-05-08 23:27:37 CEST
(In reply to Alexander Kurakin from comment #11)
> Well, GNOME Mailing Lists ignore me.
> 
> Feel free to close.

Ok, closing. 
You might want to take a try to report it here:  https://gitlab.gnome.org/GNOME/gvfs/issues

Bug #16758

Reported by:
Alexander Kurakin
Reported on: 2020-04-25
Last modified on: 2020-05-08

People

Assignee:
Xfce Bug Triage
CC List:
3 users

Version

Version:
1.8.14

Attachments

Additional information