On Mon 2017-08-21 15:18:30 +0200, Raphael Hertzog wrote:
> On Sun, 30 Jul 2017, rufo wrote:
>> Perhaps the solution might involve using systemd's
>> environment-generators [1]. This seems to be the new preferred way to
>> set environmental variables like SSH_AUTH_SOCK and the replacement for
>> putting scripts in /etc/X11/Xsession.d/.
>>
>> For example the gnupg-agent package could create the file
>> /usr/lib/systemd/user-environment-generators/90gpg-agent containing
>> something like this:
>>
>> #!/bin/bash
>>
>> if [ -n "$(gpgconf --list-options gpg-agent | \
>> awk -F: '/^enable-ssh-support:/{ print $10 }')" ]; then
>> echo SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
>> fi
>>
>> This is what I'm using at the moment and it seems to work well. What do
>> you think?
>
> I agree it looks like a good solution. Daniel, can you implement this
> please?
sure, i can do this. It's a little bit weird that
~/.gnupg/gpg-agent.conf will affect the SSH_AUTH_SOCK env var, but it at
least gives parity with the Xsession.d stuff.
What's funny is that gpg-agent always has ssh-agent enabled these days,
so the option itself is a no-op except for its use in these two session
management scripts.
That said, i don't want to export SSH_AUTH_SOCK by default, because the
people who prefer OpenSSH's ssh-agent should have that used
preferentially.
Is there any plan to try to get OpenSSH's ssh-agent to export
SSH_AUTH_SOCK in its own generator?
> Debian Unstable now defaults to Wayland for GNOME users and it would be
> nice to have SSH agent working out of the box again.
You have a weird definition of "out of the box" if you think adding
"enable-ssh-support" to ~/.gnupg/gpg-agent.conf is "out of the box" but
i'm ok with it :)
I'll get this uploaded shortly.
--dkg
signature.asc
Description: PGP signature
