@Flameeyes
Last active October 9, 2016 12:50

Remote GPG Agent strangeness

Setup

In ssh_config:

Host myremotehost
    RemoteForward /home/user/.gnupg/S.gpg-agent /home/user/.gnupg/S.gpg-agent
    StreamLocalBindUnlink yes
    ForwardX11 no

This will provide a working gpg-agent socket to the remote host.

Problem

$ echo foo > foo
$ gpg --clearsign foo
gpg: signing failed: No such file or directory
gpg: foo: clearsign failed: No such file or directory

If ssh-agent was started on a TTY, and that TTY is still open, pinentry-curses will be started there instead, but input would likely not work as intended.

Working method

$ echo foo > foo
$ DISPLAY=:0 gpg --clearsign foo
[pinentry-qt is started on the local host.]

Note: you don't need X11 forwarding, as the config makes explicit (ForwardX11 no).

Quick triaging

It appears scd is receiving environment data from the remote gpg and using that to decide what to start.

Fix \o/

# gpg-agent.conf
keep-display
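
A small check for the two settings this note depends on, as an added example that is not part of the original gist: it confirms that the Host block forwards the S.gpg-agent socket with StreamLocalBindUnlink yes, and that gpg-agent.conf has keep-display uncommented. The function names are hypothetical, and it assumes exact Host names (no wildcard patterns) and whitespace-separated `keyword value` lines.

```shell
#!/usr/bin/env bash
# Added example: verifies the settings from this note. Function names are
# hypothetical; file paths are supplied by the caller.

# check_agent_forward SSH_CONFIG HOST
# Prints "ok" and returns 0 if the "Host HOST" block forwards an S.gpg-agent
# socket and sets StreamLocalBindUnlink yes; otherwise names what is missing.
check_agent_forward() {
  awk -v host="$2" '
    tolower($1) == "host" || tolower($1) == "match" {
      inblk = 0                       # a new Host/Match line ends the block
      if (tolower($1) == "host")
        for (i = 2; i <= NF; i++) if ($i == host) inblk = 1
      next
    }
    !inblk { next }
    tolower($1) == "remoteforward" && $2 ~ /S\.gpg-agent$/ && $3 ~ /S\.gpg-agent$/ { fwd = 1 }
    tolower($1) == "streamlocalbindunlink" && tolower($2) == "yes" { unl = 1 }
    END {
      if (!fwd) { print "missing RemoteForward of S.gpg-agent"; exit 1 }
      if (!unl) { print "missing StreamLocalBindUnlink yes"; exit 1 }
      print "ok"
    }' "$1"
}

# has_keep_display GPG_AGENT_CONF
# Returns 0 only if keep-display appears on its own, uncommented line.
has_keep_display() {
  grep -Eq '^[[:space:]]*keep-display[[:space:]]*$' "$1"
}

# Usage: script SSH_CONFIG HOST GPG_AGENT_CONF
if [ "$#" -eq 3 ]; then
  check_agent_forward "$1" "$2" || exit 1
  has_keep_display "$3" || { echo "keep-display not set in $3"; exit 1; }
fi
```
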