Yubico Forum

Posted: Sun May 24, 2015 6:12 am
This may be more of an Ubuntu/GPG question than a YubiKey question, but while on the desktop, connecting via SSH to my NAS prompts me for my PIN and everything works just fine; when I switch to a TTY and try connecting, I'm only presented with password as an option. Can anyone confirm that it's just my setup, and/or provide solutions or suggestions for diagnosing the cause?



Posted: Tue May 26, 2015 8:47 pm
If I understand it correctly, you switch to a physical console instead of using a terminal in X?

Typically, if ssh-agent needs your input it starts an app that asks for the PIN, and this app shows up on $DISPLAY. The $DISPLAY it shows on is inherited from the ssh-agent process when it is started. The same goes for gpg-agent.
I am actually not sure if ssh-agent/gpg-agent has to be the one starting pinentry; ssh-add certainly works and asks for the passphrase inline. But I guess this is your problem - on a physical TTY there is no way to pop up a window to enter your PIN (it might actually be showing on the original $DISPLAY if it's running). You could get around this by either adding the key with ssh-add (not sure how that plays with gpg-agent on Ubuntu), or using a PKCS#11 provider directly with ssh (ssh -I /path/to/lib.so) - again, not sure how that works with GPG keys, there's probably no PKCS#11 provider for that? Or you can enter the PIN while running X, and if caching is enabled it will work for some time afterwards without asking.

Another possibility (and a strong one) is that you don't actually have ssh-agent available in the TTY - the X session sets up the environment, including SSH_AUTH_SOCK, for you; in a TTY you need to use something like "keychain" or a different mechanism (everybody has his own script I guess) to set that up.

You can verify that ssh-agent is available by running "echo $SSH_AUTH_SOCK" in the TTY; if it is set, then try talking to ssh-agent with "ssh-add -L". Try adding an encrypted private key (generate one) and see how it asks for the PIN...

I haven't used Ubuntu on desktop for quite some time, but I think they used gnome-keyring as an ssh-agent - does it handle gpg too nowadays? I don't know...


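The checks suggested in the reply above, gathered into one script that can be run once in the X terminal and once on the TTY to compare results. This is an added example, not part of the original posts; the function names are illustrative, and the exit-status meanings are those documented in the ssh-add manual page.

```shell
#!/bin/sh
# Added diagnostic sketch; function names are illustrative, not from the thread.

# Map ssh-add's documented exit status to a verdict:
# 0 = keys listed, 1 = command failed (e.g. agent holds no identities),
# 2 = ssh-add could not contact the agent.
classify_ssh_add() {
    case "$1" in
        0) echo "keys-available" ;;
        1) echo "agent-empty" ;;
        2) echo "agent-unreachable" ;;
        *) echo "unknown" ;;          # e.g. 127 when ssh-add is not installed
    esac
}

# Decide whether this shell can reach an agent at all.
check_agent() {
    if [ -z "${SSH_AUTH_SOCK:-}" ]; then
        echo "no-agent-env"           # the login never inherited the variable
        return 0
    fi
    if [ ! -S "$SSH_AUTH_SOCK" ]; then
        echo "stale-socket"           # variable set, but no socket at that path
        return 0
    fi
    rc=0
    ssh-add -L >/dev/null 2>&1 || rc=$?
    classify_ssh_add "$rc"
}

# A graphical PIN prompt needs a DISPLAY to appear on.
check_display() {
    if [ -n "${DISPLAY:-}" ]; then
        echo "display-set"
    else
        echo "display-unset"
    fi
}

agent_report() {
    echo "tty:     $(tty 2>/dev/null)"
    echo "agent:   $(check_agent) (SSH_AUTH_SOCK=${SSH_AUTH_SOCK:-unset})"
    echo "display: $(check_display) (DISPLAY=${DISPLAY:-unset})"
}

agent_report
```

A report of "no-agent-env" on the TTY next to "keys-available" in X points at the missing environment setup; matching agent lines with "display-unset" on the TTY point at the PIN prompt having nowhere to appear.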