Hi,
I've found the answer on the [GPG Website][1] itself. The agent was
failing to find on which screen to display the Pinentry window. I just
had to put the following in my .*shrc file:
echo "UPDATESTARTUPTTY" | gpg-connect-agent > /dev/null 2&>1
[1]: https://www.gnupg.org/documentation/manuals/gnupg/Common-Problems.html
__
Jimmy
___
Jimmy THRASIBULE <thrasibule.jimmy@xxxxxxxxx>
2015-07-22 23:41 GMT+02:00 Jimmy Thrasibule <thrasibule.jimmy@xxxxxxxxx>:
> Hello,
>
> I'm running Fedora 22. I'm trying to setup GnuPG to have my SSH
> connections authenticated using my PGP authentication subkey that is
> located on my Yubikey Neo.
>
> I have a systemd unit starting the gpg-agent as following:
>
>
> /usr/bin/gpg-agent --homedir=%h/.gnupg --daemon --use-standard-socket
>
>
> And I have enabled SSH support in the configuration:
>
>
> enable-ssh-support
> pinentry-program /usr/bin/pinentry-gtk
>
>
> Other parts of the setup include adding the [keygrip][1] of my key to
> the ~/.gnupg/sshcontrol file, adding my [public key][2] to the remote
> host and declaring the [environment variables][3].
>
> Globally looking at the various logs the setup wants to work, I can
> see that SSH is finding the key but actually failing to sign with it.
> If I look at the logs from gpg-agent, I can see that it is failing to
> launch the pinentry program and therefore, no requesting for the PIN
> code:
>
>
> 2015-07-22 23:23:28 gpg-agent[6758] DBG: error calling pinentry:
> Ioctl() inappropriate for a device <Pinentry>
> 2015-07-22 23:23:28 gpg-agent[6758] DBG: chan_8 -> BYE
> 2015-07-22 23:23:28 gpg-agent[6758] DBG: chan_7 -> CAN
> 2015-07-22 23:23:28 gpg-agent[6758] DBG: chan_7 <- ERR 100663573
> The IPC call was canceled <SCD>
> 2015-07-22 23:23:28 gpg-agent[6758] smartcard signing failed:
> Ioctl() inappropriate for a device
> 2015-07-22 23:23:28 gpg-agent[6758] ssh sign request failed:
> Ioctl() inappropriate for a device <Pinentry>
>
>
> What we see here is that when used in combination with SSH, some ioctl
> call is failing while calling pinentry. However if I run the
> following:
>
>
> $ echo "Test" | gpg2 -s
>
>
> The PIN window is popping up and it's all working fine.
>
> Can you help me understand what's going on with this setup and SSH?
>
>
> [1]: https://lists.gnupg.org/pipermail/gnupg-users/2012-July/045059.html
> [2]: https://lists.gnupg.org/pipermail/gnupg-users/2012-July/045115.html
> [3]: https://www.gnupg.org/documentation/manuals/gnupg/Agent-Examples.html#Agent-Examples
>
> ___
> Jimmy THRASIBULE <thrasibule.jimmy@xxxxxxxxx>
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
