Hi Daniel, On Mon, Nov 14, 2016 at 10:02:55AM +0000, Daniel P. Berrange wrote: > On Sat, Nov 12, 2016 at 02:19:37PM +0100, Guido Günther wrote: > > This came in via the Debian BTS: > > > > http://bugs.debian.org/43863 > > This seems to be the wrong bug number. I've updated the commit message and added the correct bugnumber as reference. Does this look better: From: Guilhem Moulin <guilhem@xxxxxxxxxxx> Subject: [PATCH] Pass GPG_TTY env var to the ssh binary gpg-agent(1) can emulate the OpenSSH Agent protocol (which provides pubkey-authentication using an authentication-capable OpenPGP key, in addition to the usual identity files). However for a console-based password prompt (such as pinentry-curses) to work, the ‘GPG_TTY’ environment variable needs to be set to the current TTY. Using gpg-agent's ssh-agent implementation is currently not possible for SSH remote URIs, because the environment is cleaned before calling the ssh(1) binary. The enclosed patches adds ‘GPG_TTY’ to the list of environment variables passed to the child. References: http://bugs.debian.org/843863 --- src/rpc/virnetsocket.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index 325a7c7..8d20074 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -848,6 +848,7 @@ int virNetSocketNewConnectSSH(const char *nodename, virCommandAddEnvPassBlockSUID(cmd, "KRB5CCNAME", NULL); virCommandAddEnvPassBlockSUID(cmd, "SSH_AUTH_SOCK", NULL); virCommandAddEnvPassBlockSUID(cmd, "SSH_ASKPASS", NULL); + virCommandAddEnvPassBlockSUID(cmd, "GPG_TTY", NULL); virCommandAddEnvPassBlockSUID(cmd, "DISPLAY", NULL); virCommandAddEnvPassBlockSUID(cmd, "XAUTHORITY", NULL); virCommandClearCaps(cmd); -- 2.10.2 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
