KDE4.1 ssh-agent and gpg-agent
Suddenly after an update of kdeworkspace my ssh-agent and gpg-agent have stopped working. Does anyone else have also this problem?
Regards,
I've also had this problem, although I don't know the exact time it stopped working as I have not had to use my laptop to ssh for a while.
Everything seems to get created OK - the socket is created:
[daren@daren_laptop env]$ ll /tmp/gpg-MZi0kX/
total 0
srwxr-xr-x 1 daren daren 0 2009-01-18 10:06 S.gpg-agent
and the env variable points to it:
[daren@daren_laptop env]$ env | grep GPG
GPG_AGENT_INFO=/tmp/gpg-MZi0kX/S.gpg-agent:4508:1
and the agent is running on the correct pid:
[daren@daren_laptop env]$ ps axf | grep gpg-agent
4508 ? Ss 0:00 gpg-agent --daemon
4902 pts/0 R+ 0:00 \_ grep gpg-agent
If i run ssh-add from the command line, I get this:
[daren@daren_laptop env]$ ssh-add
Could not open a connection to your authentication agent.
[daren@daren_laptop env]$
I'm not that clued up on using the agent - it's always "just worked" after adding the script to ~/.kde4/env, but I'm kind of stuck now. There was another post about issues with KDE 4.1 and the agents, but they resolved theirs by doing what I've had setup for a while now.
Similar Messages
-
Link scanner agent and loader agent pop ups that won't go away
Link scanner agent and loader agent pop ups won't go away. How do I get them to stop?
the same thing has been happening to me for a while, it doesnt seem to affect anything but i would like to get rid of it, i feel like it might be a bug.
-
hello gurus,
I am in need of technical details of SQL agent and SAP agent of Symantec database backup server for SQL server/ windows.
Can anybody please help me in this??
Thanks and Regards,
RahulHi Kevin,
I have some queries and i believe, you can answer it.
I have the following system
OS/ Applications details
1) Windows 2003 enterprise edition 32 bit
2) MS SQL Server 2005
3) SAP ECC 6.0
Sever details
1) IBM x3650 dual Xeon server 5120@ 1.86 GHz,
2) RAID level I
3) RAM 8 GB
I want to go for Symantec database backup software. What information I have is, to take SAP systems database backup through Symantec you need to have.
1) SQL Agent of Symantec
2) SAP Agent of Symantec
Given these information can you please help me out in putting the backup system in place.?
Thanks and Regards,
Rahul -
Log Reader Agent and Snapshot Agent wont start
Hi There,
I've two SQL 2012 servers with multiple instances installed.
I've started replicating the databases in these instances using transactional replication and thus far they've worked without a hitch.
One of my instances, annoyingly, has an issue where the Log Reader Agent and Snapshot Agent refuse to start, and I've followed exactly the same process as with the other instances\databases.
The Agents are configured to make use of a domain user account with sysadmin permissions to the instances on both servers.
I get the following two error when I View Log Reader Agent Status:
The job failed. The Job was invoked by User sa. The last step to run was step 2 (Run agent.).
I've asked the agent to run as my DOMAIN\sqlservice account, so I've no idea why it's moaning about sa?!!?
I get the following error when I View Snapshot Agent Status:
The replication agent has not logged a progress message in 10 minutes. This might indicate an unresponsive agent or high system activity. Verify that records are being replicated to the destination and that connections to the Subscriber, Publisher, and Di
If I try to start either agent I'm told that the request to run job was refused because the job has been suspended, "Changed database context"?? Error 22022.
Can anyone help?This is because your job owner is sa. Right click on your job and notice the owner - but is should be sa.
You likely have another issue. You may need to run the job and configure it for logging to see what the error is.
http://support.microsoft.com/kb/312292/en-us
looking for a book on SQL Server 2008 Administration?
http://www.amazon.com/Microsoft-Server-2008-Management-Administration/dp/067233044X looking for a book on SQL Server 2008 Full-Text Search?
http://www.amazon.com/Pro-Full-Text-Search-Server-2008/dp/1430215941 -
CSA agent and NAC agent together
Hi, do you have experience of CSA agent and NAC agent together on the same pc ?
Does one include the other ?
Which one have I to test first ?
thank you in advance
greatings
RSCisco Trust Agent collects security posture information from the NAC-compliant applications running on the network client and reports them to the Cisco Secure Access Control Server (ACS). These are some NAC-compliant applications:
- Antivirus applications
- Personal firewalls
- Host-based intrusion protection applications, such as Cisco Security Agent (CSA)
Cisco NAC is a strategic element of the Self-Defending Network. Working together with other Self-Defending Network components such as Cisco Security Agent and the Cisco Security Monitoring, Analysis, and Response System (Cisco Security MARS), Cisco NAC helps organizations achieve more accurate threat identification and prevention while increasing patch management efficiency. -
Doubt in possible agent and responsible agent.
Hi All.
Can any one please help me in solving difference between possbile agents as responsible agents.
As per my understanding we will maintain the possible agents in the task definition and responsible agents in the work flow definition.
For example if a invoice posting needs to be handled,if i define three agents in the task definition as possible agents who will become the responsible agents out of three..
can any one please help me in understanding the difference between possible agent and responsible agent?
Thanks in advance.Hi ,
It's very small but interesting doubt :P
If in activity level any agent is maintain like we maintain &_wf_initiator& generally. that agent is the responsible agent .. or if any rule is maintained then the agents selected by the rule will be responsible agents but the ..
There is something which you have missed is recipients .. who actually receives the workitems in their inboxs.. these are the user who are the intersection of possible and responsible agents..
In short
Possible agents as you have said..
Responsible are the agents you maintain at activity level or get selected by the rule.
and Recipents who actually gets the workitem..
hope this will help you
Regards
Dev -
Difference between local agent and standalone agent
Hi all,
Can you please tell me the difference between local agent and standalone agent?
I am getting a bit confused about this.
Regards,
SouravLocal agent will be running under the context of the main ODI session i.e. it is linked to an open session of the designer, operator etc. Standalone ODI agents run in their own JVM process and could be installed on any server and do not require an open instance of the ODI client GUI to run scenarios
-
Keychain and gpg-agent not getting along
I have a problem with gpg-agent. I have been using the Funtoo keychain tool for a while, for my SSH keys exclusively. Works flawlessly - I log in, I call keychain, I type in my passphrases, and it caches my keys. Never get prompted for a passphrase during SSH connection attempts.
GPG is a different story. I have a GPG key, and I occasionally en- and decrypt files with it. So far so good. I also found out how to get keychain to cache the GPG key. It also picks up my gpg-agent, which is started as per the wiki entry (except that instead of putting it systemwide in /etc/profile.d, I put it in Openbox's ~/.config/openbox/environment file, which is where the SSH agent stuff is supposed to go as well.
Gpg-agent seemingly launches fine, it exports its environment variables just fine:
$ echo $GPG_AGENT_INFO
/tmp/gpg-3faT29/S.gpg-agent:2352:1
$ cat .gnupg/gpg-agent.env
GPG_AGENT_INFO=/tmp/gpg-3faT29/S.gpg-agent:2352:1
There's only one gpg-agent process running:
$ ps aux|grep gpg-agent
luser 2352 0.0 0.0 16252 1184 ? Ss 00:00 0:00 gpg-agent --daemon --write-env-file /home/stijn/.gnupg/gpg-agent.env
luser 3411 0.0 0.0 9276 1016 pts/0 S+ 00:16 0:00 grep gpg-agent
Keychain picks that up as well:
$ keychain --eval
* keychain 2.7.1 ~ http://www.funtoo.org
* Found existing ssh-agent: 2346
SSH_AUTH_SOCK=/tmp/ssh-YhDgORoL2345/agent.2345; export SSH_AUTH_SOCK;
SSH_AGENT_PID=2346; export SSH_AGENT_PID;
* Found existing gpg-agent: 2352
GPG_AGENT_INFO=/tmp/gpg-3faT29/S.gpg-agent:2352:1; export GPG_AGENT_INFO;
* Known ssh key: /home/stijn/.ssh/id_rsa-amalthea
* Known ssh key: /home/stijn/.ssh/id_rsa-athena
* Known ssh key: /home/stijn/.ssh/id_rsa-zeus
* Known ssh key: /home/stijn/.ssh/id_rsa-mnemosyne
* Known gpg key: [8 digit hex key]
However, when I open Mutt (or just try to decrypt about any GPG encrypted file), it will prompt me for the passphrase, despite the key already being cached. Passing --use-agent does not help (I also set that in ~/.gnupg/gpg.conf).
The bizarre thing being, of course, that the keychain-cached key did not get picked up, but if I enter my passphrase into the prompt I get the first time I call gpg, it does seem to get cached - I can open mutt, decrypt files, etc., it will all use that cached key.
Any tips? I get the feeling I'm missing something, but couldn't find what exactly.
Last edited by .:B:. (2011-12-06 22:25:27)Gpg-agent by itself works fine, although I get the feeling that, a bit like sudo, there's an expiration date on the cached key - it seems I need to type the passphrase again after a few hours or so.
Either way, I'd love to get this working with keychain. -
as we have now gpg-agent in the repos, i just wondered why kmail do not work with it
i did everything from http://kmail.kde.org/kmail-pgpmime-howto.html
but still kmail is opening the dialogue to type the passphrase and kgpg is complaining now this:
i'm starting gpg-agent from ~/.xinitrc with this line:
gpg-agent --daemon
and
[damir@Asteraceae ~]$ ps -e | grep gpg-agent
6628 ? 00:00:00 gpg-agent
thanx in advance for any helptpowa wrote:strange you also did that pinentry stuff?
i have
pinentry-program /usr/bin/pinentry-qt
in ~/.gnupg/gpg-agent.conf, if you mean that ... maybe there is some other things to do?
tpowa wrote:i didn't test the funcionality of gpg
can someone do some reasearch on that
kde 3.3.2 is round the corner would be great if it works till then
yea, that would be nice ...
well, without the gpg-agent (the classical way), gpg works fine, but it is not really cool having to type a long passphrase each time you send a signed email (especially, if you write lots of emails to lots of different peoples /day)
here the dialogue i get always when i want to send an email (in kde 3.3.x the gpg-agent lines are new, but the dialogue itself is old (since 3.1.4 working fine the classical way)) -
How do I configure Kwallet to manage SSH and GPG keys? [SOLVED]
I'm using a select few KDE programs (not the DE) such as Kontact (and with that KMail, Korganizer, Kaddressbook...) and Kwallet. I've got a GPG and an SSH key which I need in Git to sign commits and push. I'd like to have Kwallet manage ALL of these passwords/passphrases, (e-mail, SSH, GPG) and only be prompted for a password to unlock my wallet once per session - or better yet, have the wallet unlocked by logging in (like the keychain in OS X). I'm currently using SLiM (systemd, slim.service) as the login manager. I had a glance at this tutorial for inspiration but to no success...
This is my ~/.xinitrc:
#!/bin/sh
if [ -d /etc/X11/xinit/xinitrc.d ]; then
for f in /etc/X11/xinit/xinitrc.d/*; do
[ -x "$f" ] && . "$f"
done
unset f
fi
# Hide mouse cursor when idle
unclutter -idle 4 &
# Background image
hsetroot -fill $HOME/img/08.jpg &
# Window manager
xmonad
This is my ~/.zprofile (failed attempt, fake GPG-key name)
#!/bin/sh
# Load keychain to handle ssh and gpg keys
export SSH_ASKPASS=/usr/bin/ksshaskpass
eval `keychain --eval id_rsa 1234ABCD`
$HOME/.keychain/`hostname`-sh
$HOME/.keychain/`hostname`-sh-gpg
This is my ~/.gnupg/gpg.conf (commented lines not included)
no-greeting
require-cross-certification
charset utf-8
keyserver hkp://keys.gnupg.net
Last edited by totte (2012-10-25 10:49:52)No success so far, really, need more ideas.
Neither of /etc/kde/env/{gpg,ssh}-agent-startup.sh seem to be run by anything automatically on my system upon boot and logging in. I tried going back to the beginning and I got GPG working alright, when signing a commit I was automatically authenticated. SSH however still prompts me by CLI to enter my passphrase when I try to git-push or ssh into a server. I set an empty password for the wallet to have it "unlocked by logging in". I thought setting "export SSH_ASKPASS='/usr/bin/ksshaskpass'" in ~/.zprofile would have it prompt for the password in some manner of Qt window related to Kwallet, but apparently it doesn't. In top both ssh-agent and gpg-agent are displayed as running - but if I run gpg-agent in Konsole I get the output "gpg-agent: no gpg-agent running in this session", ssh-agent on the other hand outputs "SSH_AUTH_SOCK=/tmp/ssh-noaDS3C4AP8M/agent.1830; export SSH_AUTH_SOCK;
SSH_AGENT_PID=1831; export SSH_AGENT_PID;
echo Agent pid 1831;".
Here's my ~/.zprofile, ~/.xinitrc, ~/.gnupg/gpg.conf, ~/.gnupg/gpg-agent.conf and ~/.zshrc (probably irrelevant but included anyway):
~/.zprofile
export EDITOR='vim'
export GIT_EDITOR='vim -fg'
export GPG_TTY=$(tty)
export GREP_COLOR='1;34'
export GREP_OPTIONS='--color=auto'
export LANG='en_GB.UTF-8'
export PAGER='less'
export PINENTRY='/usr/bin/pinentry-kwallet'
export SSH_ASKPASS='/usr/bin/ksshaskpass'
export VISUAL='vim'
~/.xinitrc
#!/bin/sh
if [ -d /etc/X11/xinit/xinitrc.d ]; then
for f in /etc/X11/xinit/xinitrc.d/*; do
[ -x "$f" ] && . "$f"
done
unset f
fi
# Kwallet
kwalletd &
# Keychain (SSH & GPG)
eval `keychain --eval id_rsa 1234ABCD` &
# Hide mouse cursor when idle
unclutter -idle 4 &
# Background image
hsetroot -fill $HOME/img/08.jpg &
# Akonadi
akonadictl start &
# Music Player Daemon
mpd &
# Window manager
xmonad
~/.gnupg/gpg.conf
no-greeting
require-cross-certification
charset utf-8
keyserver hkp://keys.gnupg.net
use-agent
~/.gnupg/gpg-agent.conf
pinentry-program /usr/bin/pinentry-kwallet
no-grab
~/.zshrc (probably irrelevant)
# PATH
# System executables
PATH0="/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin"
# My executables
PATH1="$HOME/bin"
export PATH="$PATH0:$PATH1"
# COLOURS
autoload colors; colors;
eval "`dircolors -b ~/.dircolorsrc`"
# GENERAL
HISTFILE=$HOME/.zsh_history
HISTSIZE=10000
SAVEHIST=10000
setopt append_history
setopt extended_history
setopt hist_expire_dups_first
setopt hist_ignore_dups
setopt hist_ignore_space
setopt hist_verify
setopt inc_append_history
setopt share_history
setopt prompt_subst
setopt correctall
setopt auto_menu
setopt complete_in_word
setopt always_to_end
setopt extendedglob
# ALIASES
alias rezsh='. ~/.zshrc'
alias _='sudo '
alias l='ls -lh --color'
alias la='ls -lAh --color'
alias -- -='cd -'
alias ..='cd ..'
alias df='df -h'
alias g='git'
alias tmux='tmux attach'
alias cp='cp -v'
alias mv='mv -v'
alias rm='rm -v'
alias rmdir='rmdir -v'
alias d='dirs -v'
bu(){cp -v $1 ${1}.backup}
cmds(){history | awk '{print $2}' | sort | uniq -c | sort -rn | head}
md(){mkdir -p $1; cd $1}
# OS-specific aliases
if [[ $(uname) == "Darwin" ]]; then
# Mac OS X
alias pkgs='port search' # Search
alias pkgi='sudo port install' # Install
alias pkgu='sudo port selfupdate && sudo port upgrade outdated' # Update & Upgrade
alias pkgr='sudo port uninstall --follow-dependencies' # Remove package and unused dependencies
alias pkgl='port installed' # List installed packages
alias python='/usr/local/bin/python3'
alias pip='pip-3.2'
alias pips='pip-3.2 search'
alias pipi='pip-3.2 install'
alias pipu='pip-3.2 install -U'
alias pipr='pip-3.2 uninstall'
alias pipl='pip-3.2 freeze'
alias v='mvim'
elif [[ $(uname) == "Linux" ]]; then
alias pips='pip search'
alias pipi='pip install'
alias pipu='pip install -U'
alias pipr='pip uninstall'
alias pipl='pip freeze'
alias v='vim'
case $(lsb_release -d | cut -f2 | cut -d " " -f1) in
(Arch) # Arch Linux
alias equa='alsamixer -D equal'
alias pkgs='pacman -Ss' # Search
alias pkgi='sudo pacman -S' # Install
alias pkgu='sudo pacman -Syu' # Update & Upgrade
alias pkgr='sudo pacman -Rns' # Remove package, configuration backups and unused dependencies
alias pkgl='pacman -Q' # List installed packages
alias pkgd='whoneeds' # List packages depending on specified package
alias poweroff='sudo systemctl poweroff'
alias reboot='sudo systemctl reboot'
alias nw='wicd-curses'
(Debian|Ubuntu) # Debian and Ubuntu
alias pkgs='aptitude search' # Search
alias pkgi='sudo aptitude install' # Install
alias pkgu='sudo aptitude update && sudo aptitude upgrade' # Update & Upgrade
alias pkgr='sudo aptitude purge' # Remove package, configuration files and unused dependencies
alias pkgl='aptitude search -F "%p" "~i"' # List installed packages
alias reboot='sudo shutdown -r now'
alias shutdown='sudo shutdown -h now'
esac
fi
# Host-specific aliases
if [[ ${HOST:r} == "betre" ]]; then
alias poff='sudo /sbin/write-magic 0xdeadbeef && sudo /sbin/reboot'
fi
# TAB COMPLETION
autoload compinit
compinit
# Case-insensitive (all),partial-word and then substring completion
zstyle ':completion:*' matcher-list 'm:{a-zA-Z}={A-Za-z}' 'r:|[._-]=* r:|=*' 'l:|=* r:|=*'
zstyle ':completion:*:*:*:*:*' menu select
zstyle ':completion:*:cd:*' tag-order local-directories directory-stack path-directories
cdpath=(.)
# Use /etc/hosts and known_hosts for hostname completion
[ -r /etc/ssh/ssh_known_hosts ] && _global_ssh_hosts=(${${${${(f)"$(</etc/ssh/ssh_known_hosts)"}:#[\|]*}%%\ *}%%,*}) || _ssh_hosts=()
[ -r ~/.ssh/known_hosts ] && _ssh_hosts=(${${${${(f)"$(<$HOME/.ssh/known_hosts)"}:#[\|]*}%%\ *}%%,*}) || _ssh_hosts=()
[ -r /etc/hosts ] && : ${(A)_etc_hosts:=${(s: :)${(ps:\t:)${${(f)~~"$(</etc/hosts)"}%%\#*}##[:blank:]#[^[:blank:]]#}}} || _etc_hosts=()
hosts=(
"$_global_ssh_hosts[@]"
"$_ssh_hosts[@]"
"$_etc_hosts[@]"
`hostname`
localhost
zstyle ':completion:*:hosts' hosts $hosts
# KEYBINDINGS
bindkey '^[[A' history-beginning-search-backward
bindkey '^[[B' history-beginning-search-forward
bindkey "^[[H" beginning-of-line
bindkey "^[[1~" beginning-of-line
bindkey "^[OH" beginning-of-line
bindkey "^[[F" end-of-line
bindkey "^[[4~" end-of-line
bindkey "^[OF" end-of-line
# Make the delete key (or Fn + Delete on the Mac) work instead of outputting a ~
bindkey '^?' backward-delete-char
bindkey "^[[3~" delete-char
bindkey "^[3;5~" delete-char
bindkey "\e[3~" delete-char
# TITLES
tmux_title="%16<..<%~%<<"
term_tab_title="%m"
term_title="Terminal"
function title(){
if [[ "$TERM" == screen* ]]; then
print -Pn "\ek$tmux_title:q\e\\"
elif [[ $TERM == rxvt* ]] || [[ "$TERM_PROGRAM" == "iTerm.app" ]]; then
print -Pn "\e]2;$term_title:q\a"
print -Pn "\e]1;$term_tab_title:q\a"
fi
function title_precmd(){
title $tmux_title $term_tab_title $term_title
function title_preexec(){
emulate -L zsh
setopt extended_glob
local tmux_title=${1[(wr)^(*=*|sudo|ssh|-*)]}
title $tmux_title $term_tab_title $term_title
# ZSH VCS_INFO MODULE
autoload -Uz vcs_info
#zstyle ':vcs_info:*+*:*' debug true
zstyle ':vcs_info:*' enable git
zstyle ':vcs_info:git*' formats '%fon $(rou)%b%f%c%u%m'
zstyle ':vcs_info:git*' actionformats '%fon $(rou)%b%f:$(rou)%a%f%c%u%m'
zstyle ':vcs_info:git*:*' stagedstr ' (staged)'
zstyle ':vcs_info:git*:*' unstagedstr ' (unstaged)'
zstyle ':vcs_info:git*:*' get-revision true
zstyle ':vcs_info:git*:*' check-for-changes true
zstyle ':vcs_info:git*+set-message:*' hooks git-stash git-untracked
# Display count of stashed changes
function +vi-git-stash(){
local -a stashes
if [[ -s ${hook_com[base]}/.git/refs/stash ]] ; then
stashes=$(git stash list 2>/dev/null | wc -l)
if [[ $stashes > 1 ]] ; then
hook_com[misc]+=" (${stashes} stashes)"
else
hook_com[misc]+=" (${stashes} stash)"
fi
fi
# Display message if untracked files are present
function +vi-git-untracked(){
if [[ $(git rev-parse --is-inside-work-tree 2> /dev/null) == 'true' ]] && \
git status --porcelain | grep '??' &> /dev/null ; then
hook_com[unstaged]+=" (untracked files present)"
fi
function prompt_precmd(){
vcs_info
# PROMPT
# Root or user?
function rou(){
if [[ $UID -eq 0 ]] ; then
echo "%{$fg[magenta]%}"
else
echo "%{$fg[blue]%}"
fi
# Display ± if we're in a git repository and » at all other times
function prompt_character(){
git branch >/dev/null 2>/dev/null && echo '%{$fg[white]%}±%{$reset_color%}' && return
echo '%{$fg[white]%}»%{$reset_color%}'
# Set the prompt
function set_prompt(){
PROMPT="$(rou)%n %{$reset_color%}at $(rou)%m %{$reset_color%}in $(rou)%~ ${vcs_info_msg_0_}
%{$reset_color%}$(prompt_character) "
# HOOKS
autoload -U add-zsh-hook
add-zsh-hook preexec title_preexec
add-zsh-hook precmd title_precmd
add-zsh-hook precmd prompt_precmd
add-zsh-hook precmd set_prompt -
GPG-AGENT "ignoring" pinentry program? wrong pinentry app for ssh-keys
Hi!
I am using gpg-agent to handle my gpg keys and wanted it to handle my ssh keys too, since it is running anyway.
it works perfectly fine with gpg keys, my pinentry program is pinentry-qt4 , upon request that window pops up for me to enter my passphrase.
as window manager i use awesome wm.
however, when i try to use my ssh key, e.g. for github, no pinentry program pops up and in xterm it looks like:
[me@mybox dotfiles]$ git push origin master
it seems that is is waiting for my passphrase input but it isnt asking for it. neither does it accept it.
when i quit my WM, i see that it executed the pinentry program directly in my tty1, to which i do not have access while running my WM.
my gpg-agent.conf:
me@mybox ~/.gnupg> cat gpg-agent.conf
default-cache-ttl 300
max-cache-ttl 7200
pinentry-program /usr/bin/pinentry-qt4
how do i get gpg-agent to respect my pinentry choice for my ssh keys as well?
thanks for your time !I use this
$ cat /etc/kde/env/gpg-agent-startup.sh
#!/bin/sh
# see https://wiki.archlinux.org/index.php/SSH_Keys
GPG_AGENT=/usr/bin/gpg-agent
## Run gpg-agent only if not already running, and available
if [ -x "${GPG_AGENT}" ] ; then
# check validity of GPG_SOCKET (in case of session crash)
GPG_AGENT_INFO_FILE=${HOME}/.gpg-agent-info
if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
GPG_AGENT_PID=`cat ${GPG_AGENT_INFO_FILE} | grep GPG_AGENT_INFO | cut -f2 -d:`
GPG_PID_NAME=`cat /proc/${GPG_AGENT_PID}/comm`
if [ ! "x${GPG_PID_NAME}" = "xgpg-agent" ]; then
rm -f "${GPG_AGENT_INFO_FILE}" 2>&1 >/dev/null
else
GPG_SOCKET=`cat "${GPG_AGENT_INFO_FILE}" | grep GPG_AGENT_INFO | cut -f1 -d: | cut -f2 -d=`
if ! test -S "${GPG_SOCKET}" -a -O "${GPG_SOCKET}" ; then
rm -f "${GPG_AGENT_INFO_FILE}" 2>&1 >/dev/null
fi
fi
unset GPG_AGENT_PID GPG_SOCKET GPG_PID_NAME SSH_AUTH_SOCK
fi
if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
eval "$(cat "${GPG_AGENT_INFO_FILE}")"
eval "$(cut -d= -f 1 "${GPG_AGENT_INFO_FILE}" | xargs echo export)"
export GPG_TTY=$(tty)
else
eval "$(${GPG_AGENT} -s --enable-ssh-support --daemon --pinentry-program /usr/bin/pinentry-qt4 --write-env-file)"
fi
fi
I think I could probably use the /etc/profile.d location but when I first set it up, kde was already running gpg-agent so I adapted its file. Later, I uninstalled the thing which does that in kde and just kept my own customised version.
Are you sure that your xinitrc isn't starting a second gpg-agent? -
[SOLVED] Thunderbird & Enigmail: Using gpg-agent to cache key
Hi,
I set up Thunderbird with Enigmail to encrypt my emails.
However, I do not want to enter my password EVERYTIME I want to read an encrypted email. A quick tab change etc. gets annoying, so I wanted to set-up a time out of 10min.
Also, I want to use gpg-agent for that (unless there are by far better options), as I could also manage my SSH keys with that (haven't look into it yet, though)
What I have done:
- Installed TB & Enigmail, gerated keypair, uploaded to keyserver, tried it with a friend (works)
- Added gpg-agent startupscript to xinitrc, verified that it runs on x startup (also writes env file so it will only run once, even if x is started multiple times)
- In enigmail settings selected to use gpg-agent
- Checked gpg-agent cache timeout (set to 300sec (default-cache-ttl))
Problem:
Thunderbird/Enigmail still promts for my passphrase everytime I want to view an encrypted email, even when I quickly switch tabs..
I would really appreciate some pointing into the right directioin/help on how to ideally solve this problem.
Thanks for your time
Last edited by replax (2013-07-31 09:04:03)I guess you mean: OpenPGP->Preferences->Passphrase Settings
These settings do not apply because it only works when the passphrase handling is done by enigmail/TB. It also gives you a warning, that, if you use gpg 2.0 or later you have to use gpg-agent for passphrase handling and have to set the cache time in the agent itself somehow.
EDIT: Seems to have gotten it to work, I simply added a pinentry-program to the gpg-agent.conf (qt4 version). Strange though, as it should use the gtk entry program by default....
Is this a feature or a bug? Or is it special in the arch package, e.g. compiled with no default or something like that? -
Loop-aes/mount with gpg-agent
Hey,
this is not really an Arch related problem, but as this is the only forum I'm using, I'll try it here. The system I'm testing on is Debian etch. loop-aes and gpg-agent alone work fine, when I decrypt data with gpg, pinentry is called and gpg-agent stores the passphrase. I can encrypt/decrypt partitions with loop-aes using a keyfile etc. Now the problem: to decrypt encrypted partitions I want to use a keyfile which is encrypted with gpg. The fstab entry is like this:
/dev/hda10 /yyy ext3 defaults,loop=/dev/loop4,encryption=AES128,gpgkey=/root/key.asc 0 0
When I now mount /yyy, the system asks for the passphrase, but not with pinentry. So gpg-agent doesn't store the passphrase. Any ideas?Hey,
this is not really an Arch related problem, but as this is the only forum I'm using, I'll try it here. The system I'm testing on is Debian etch. loop-aes and gpg-agent alone work fine, when I decrypt data with gpg, pinentry is called and gpg-agent stores the passphrase. I can encrypt/decrypt partitions with loop-aes using a keyfile etc. Now the problem: to decrypt encrypted partitions I want to use a keyfile which is encrypted with gpg. The fstab entry is like this:
/dev/hda10 /yyy ext3 defaults,loop=/dev/loop4,encryption=AES128,gpgkey=/root/key.asc 0 0
When I now mount /yyy, the system asks for the passphrase, but not with pinentry. So gpg-agent doesn't store the passphrase. Any ideas? -
App-v cubacs and desktop agent
I have a client who is upgraded their CCM environment to version 10. We will be deploying a CUBACs server and client and contact centre express desktop agent and supervisor agent. They are also looking at deploying the desktop applications in a Microsoft App-V (ver 5.0.12180). I have a quick google search to see if the App-V environment is support for these but not found anything. Has anyone out there come across deploying these packages in an App-V environment, and if so are the any issue?
See the App-V client to see if it is attempting to delete the shortcuts during a refresh - you may need to set the log to verbose mode first.
Twitter:
@stealthpuppy | Blog:
stealthpuppy.com
This forum post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
Please remember to click "Mark as Answer" or "Vote as Helpful" on the post that answers your question (or click "Unmark as Answer" if a marked post does not
actually answer your question). This can be beneficial to other community members reading the thread. -
Ssh keys and gnupg keys from wiki instructions...
following first the gnupg instructions and then ssh keys I've managed to get several instances of gpg-agent running.
[root@frylock ~]# ps aux | grep agent
root 2764 0.0 0.0 4208 432 ? Ss 11:15 0:00 ssh-agent
xtian 2785 0.0 0.1 3500 972 ? Ss 11:18 0:00
gpg-agent -s --enable-ssh-support --daemon
--write-env-file /home/frylock/xtian/.gnupg/gpg-agent.env
root 2958 0.0 0.0 3168 688 ? Ss 11:39 0:00
gpg-agent -s --enable-ssh-support --daemon
--write-env-file /root/.gnupg/gpg-agent.env
root 3036 0.0 0.0 4740 392 ? Ss 11:43 0:00 gpg-agent --daemon
root 3186 0.0 0.0 4740 388 ? Ss 11:53 0:00 gpg-agent --daemon
root 3299 0.0 0.0 4740 388 ? Ss 11:58 0:00 gpg-agent --daemon
root 3549 0.0 0.0 4740 392 ? Ss 12:54 0:00 gpg-agent --daemon
This I can resolve by going back over the instructions--a fifth time. But what I don't understand, why my user account owner of a running process when I'm only logged in one tty as root?
//EDIT: Clarify the login scenario
// EDIT: the code block is cutting off line
Last edited by xtian (2013-09-07 14:20:00)xtian wrote:
cfr wrote:For example, I don't include the code in ~/.xinitrc or in /etc/profile.d precisely because I'm starting the agent somewhere else.
That's just it. I'm not starting it somewhere else. According to the wiki, its being called from .xinitrc and that's where the call is made to the script in profile.d, I think. Unless the script in /etc/profile.d is starting the script automatically?? I don't know.
Yes. The script you have in /etc/profile.d will start it automatically. I have a similar script in /etc/kde/env and that is all I use. I don't need anything in ~/.xinitrc (or kde's autostart stuff or whatever). At least, this is true provided those scripts are sourced. What you definitely do not want is the line you currently have in ~/.xinitrc which does not check to see if an instance of gpg-agent is already running.
This is what I use:
$ cat /etc/kde/env/gpg-agent-startup.sh
#!/bin/sh
# see https://wiki.archlinux.org/index.php/SSH_Keys
GPG_AGENT=/usr/bin/gpg-agent
## Run gpg-agent only if not already running, and available
if [ -x "${GPG_AGENT}" ] ; then
# check validity of GPG_SOCKET (in case of session crash)
GPG_AGENT_INFO_FILE=${HOME}/.gpg-agent-info
if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
GPG_AGENT_PID=`cat ${GPG_AGENT_INFO_FILE} | grep GPG_AGENT_INFO | cut -f2 -d:`
GPG_PID_NAME=`cat /proc/${GPG_AGENT_PID}/comm`
if [ ! "x${GPG_PID_NAME}" = "xgpg-agent" ]; then
rm -f "${GPG_AGENT_INFO_FILE}" 2>&1 >/dev/null
else
GPG_SOCKET=`cat "${GPG_AGENT_INFO_FILE}" | grep GPG_AGENT_INFO | cut -f1 -d: | cut -f2 -d=`
if ! test -S "${GPG_SOCKET}" -a -O "${GPG_SOCKET}" ; then
rm -f "${GPG_AGENT_INFO_FILE}" 2>&1 >/dev/null
fi
fi
unset GPG_AGENT_PID GPG_SOCKET GPG_PID_NAME SSH_AUTH_SOCK
fi
if [ -f "${GPG_AGENT_INFO_FILE}" ]; then
eval "$(cat "${GPG_AGENT_INFO_FILE}")"
eval "$(cut -d= -f 1 "${GPG_AGENT_INFO_FILE}" | xargs echo export)"
export GPG_TTY=$(tty)
else
eval "$(${GPG_AGENT} -s --enable-ssh-support --daemon --pinentry-program /usr/bin/pinentry-qt4 --write-env-file)"
fi
fi
In any case, your script should check for the environment file and only start an instance of the agent if it doesn't exist.
I'ts not my script. I'm not up on BASH scripts. This one is from the wiki page. Isn't this script checking just that in this IF clause:
if test -f "$envfile" && kill -0 $(grep GPG_AGENT_INFO "$envfile" | cut -d: -f 2) 2>/dev/null; then
eval "$(cat "$envfile")"
Yes. But the line you have in ~/.xinitrc does NOT check this. It just starts an instance of gpg-agent as a daemon.
Maybe you are looking for
-
Table headings disappearing in pdf?
Why are some table headings disappearing when I pdf a Frame 8 file? There is no pattern in the disappearances and each time I pdf the file, a different cell heading disappears. If I create a text box and paste that box over the heading, it shows up f
-
Batch Rename and now files will not open
i hope someone can help me. i moved some .dng files from an external drive to my mapbook pro using batch rename in bridge CS5. The files moved to my desktop ine, but now they will not open. When I try to open them the digital convertor opens up. Whe
-
I am getting the following error and not sure what is wrong. The script inserts the record fine, but outputs this error. Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /h
-
It showed correctly under Google maps but whole sections of the street are missing under IOS 6. I have tried reporting the problem via the recommended method and received no response. I know that this is also a problem in Tom Tom because I discovered
-
Hi - I am using bPEL PM to integrate with Salesfroce.com. After reading the API for SFDC, I am concerned about HTTP Chunking in the responses from teh API. Does Oracle BPEL PM support service responses that are HTTP-Chunk'ed? Will this have an effect