Regression in --enable-ssh-support with GnuPG 2.1.8 and 2.1.9?
Closed, Resolved (Public)

Description

Hi,

I've been using GnuPG, 2.1.7 and prior, as my OpenSSH agent without any
problems. It seems that after upgrading to 2.1.8 as well as 2.1.9, this now
fails as follows:

[hloeung@ragnar tmp]$ gpg-agent --homedir /home/hloeung/.gnupg --daemon -v --enable-ssh-support --debug-level advanced --debug-all --no-detach
gpg-agent[26764]: reading options from '/home/hloeung/.gnupg/gpg-agent.conf'
gpg-agent[26764]: enabled debug flags: command ipc
gpg-agent[26764]: listening on socket '/home/hloeung/.gnupg/S.gpg-agent'
gpg-agent[26764]: listening on socket '/home/hloeung/.gnupg/S.gpg-agent.ssh'
SSH_AUTH_SOCK=/home/hloeung/.gnupg/S.gpg-agent.ssh; export SSH_AUTH_SOCK;
gpg-agent[26765]: gpg-agent (GnuPG) 2.1.9 started
gpg-agent[26765]: ssh handler 0x7f542a3fe700 for fd 5 started
gpg-agent[26765]: ssh request 1 is not supported
gpg-agent[26765]: ssh request handler for request_identities (11) started
gpg-agent[26765]: ssh request handler for request_identities (11) ready
gpg-agent[26765]: ssh handler 0x7f542a3fe700 for fd 5 terminated

[hloeung@ragnar tmp]$ ssh-add -l
error fetching identities for protocol 1: agent refused operation
error fetching identities for protocol 2: invalid format
The agent has no identities.

Details

Version
2.1.9

Event Timeline

hloeung added projects: gnupg, Bug Report.
hloeung added a subscriber: hloeung.

With 'ssh -vv':

debug1: pubkey_prepare: ssh_fetch_identitylist: invalid format

gpg-agent[26765]: ssh handler 0x7f5429bfd700 for fd 5 started
gpg-agent[26765]: ssh request handler for request_identities (11) started
gpg-agent[26765]: ssh request handler for request_identities (11) ready
gpg-agent[26765]: ssh handler 0x7f5429bfd700 for fd 5 terminated

I managed to fix this by removing these SSH keys from ~/.gnupg/private-keys-v1.d
and re-adding them with 'ssh-add'.

Sorry for your trouble. I believe that your key includes ed25519.

Once, we introduced a bug, and it was fixed in 2.1.9. A key registered with
ssh-add by an old GnuPG should be removed and added again.

gniibe claimed this task.

Yep, that was it.

Thanks Niibe.
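
The fix in this thread (remove the SSH keys from ~/.gnupg/private-keys-v1.d, then re-add them with ssh-add) requires telling SSH keys apart from the OpenPGP secret keys stored in the same directory. The following is an added example, not code from the thread or from the GnuPG project. It assumes that keys imported with ssh-add are listed by keygrip in the agent's sshcontrol file and stored as KEYGRIP.key; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find the key files behind gpg-agent's SSH identities.
# Assumption: ssh-add imports are listed by keygrip in <homedir>/sshcontrol
# and stored as <homedir>/private-keys-v1.d/<KEYGRIP>.key.

# Print one keygrip per line, skipping comments, blanks and malformed lines.
# A leading "!" only disables an entry; its key file still exists.
ssh_keygrips() {
    sed -e 's/^[[:space:]]*!*[[:space:]]*//' "$1/sshcontrol" 2>/dev/null |
        grep -E '^[0-9A-Fa-f]{40}([[:space:]]|$)' |
        cut -c1-40 | tr 'a-f' 'A-F' | sort -u
}

# Print the key files that exist for those keygrips; report gaps on stderr.
ssh_key_files() {
    ssh_keygrips "$1" | while read -r grip; do
        f="$1/private-keys-v1.d/$grip.key"
        if [ -f "$f" ]; then
            printf '%s\n' "$f"
        else
            printf 'no key file for %s\n' "$grip" >&2
        fi
    done
}

# Move those files to a backup directory rather than deleting them.
# Everything else in private-keys-v1.d (OpenPGP secret keys) stays put.
quarantine_ssh_keys() {
    mkdir -p "$2" && chmod 700 "$2" || return 1
    ssh_key_files "$1" | while read -r f; do
        mv -- "$f" "$2/" && printf 'moved %s\n' "$f"
    done
}

# Dry run when called with a homedir, e.g.: sh ssh-keys.sh ~/.gnupg
if [ "$#" -ge 1 ]; then
    ssh_key_files "$1"
fi
```

Review the dry-run list before moving anything: a keygrip added to sshcontrol by hand for an OpenPGP authentication subkey is listed as well.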