Control: reopen -1 Hi,
Sorry, I'm reopening because while gpg-agent's ssh-agent implementation requires $GPG_TTY to know where to prompt for the passphrase, curses-based prompt require $TERM (just like graphical prompts require $DISPLAY). My bad for not providing the proper patch; new patch enclosed. Cheers, -- Guilhem.
From 5e75c353a2f2f3432eeb355940d6a1349a2c5c1d Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guil...@guilhem.org>
Date: Fri, 9 Dec 2016 22:06:12 +0100
Subject: [PATCH] Pass GPG_TTY env var to the ssh binary
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
gpg-agent(1) can emulate the OpenSSH Agent protocol (which provides
pubkey-authentication using an authentication-capable OpenPGP key, in
addition to the usual identity files). However for a console-based
password prompt to work, the ‘GPG_TTY’ environment variable needs to be
set to the current TTY. Furthermore, curses-based password prompts also
require the ‘TERM’ environment variable to be set to the terminal type.
---
src/rpc/virnetsocket.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 405f5ba30..98b7a3b86 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -839,6 +839,8 @@ int virNetSocketNewConnectSSH(const char *nodename,
virCommandAddEnvPassBlockSUID(cmd, "KRB5CCNAME", NULL);
virCommandAddEnvPassBlockSUID(cmd, "SSH_AUTH_SOCK", NULL);
virCommandAddEnvPassBlockSUID(cmd, "SSH_ASKPASS", NULL);
+ virCommandAddEnvPassBlockSUID(cmd, "GPG_TTY", NULL);
+ virCommandAddEnvPassBlockSUID(cmd, "TERM", NULL);
virCommandAddEnvPassBlockSUID(cmd, "DISPLAY", NULL);
virCommandAddEnvPassBlockSUID(cmd, "XAUTHORITY", NULL);
virCommandClearCaps(cmd);
--
2.11.0
signature.asc
Description: PGP signature
