prezto
gpg-agent: a gpg-agent is already running
I have enabled gpg in my .zpreztorc, and whenever I start a new terminal, I get the following message: gpg-agent: a gpg-agent is already running - not starting a new one
I am currently using a Smartcard with a PGP Authentication key, which should be loaded when running ssh-add -L when the GPG module is enabled. This works; however, after some time, the ssh key disappears and I need to kill ssh-agent and gpg-agent for it to work again.
$ ps aux | grep gpg
ephexeve 20570 0.0 0.0 91828 1320 ? Ss 14:36 0:00 gpg-agent --daemon
$ ps aux | grep ssh
$ echo $SSH_AGENT_PID
19199
$ echo $SSH_AUTH_SOCK
/tmp/ssh-agent.sock
$ ssh-add -L
ssh-rsa <long output>
# closes terminal and opens a new one...
$ ssh-add -L
The agent has no identities
$ echo $SSH_AGENT_PID
21855
$ echo $SSH_AUTH_SOCK
/tmp/ssh-agent.sock
$ ps aux | grep ssh
ephexeve 21855 0.0 0.0 11164 316 ? Ss 14:37 0:00 ssh-agent
$ ps aux | grep gpg
ephexeve 20570 0.0 0.0 165560 1376 ? Ss 14:36 0:00 gpg-agent --daemon
My gpg-agent.conf:
pinentry-program /usr/bin/pinentry-gnome3
default-cache-ttl 18000
enable-ssh-support
Running on Archlinux Kernel 4.6.3-1-ARCH gpg version 2.1.13
Same issue here, I'm willing to bet it has to do with this issue on the GPG tracker...
https://bugs.gnupg.org/gnupg/issue2258
I fixed it by adding the following to my .zshenv (still get the annoying gpg-agent: a gpg-agent is already running - not starting a new one though).
# Set SSH to use gpg-agent
unset SSH_AGENT_PID
if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
fi
Change the SSH_AUTH_SOCK path accordingly.
With the fixes which have gone towards TMPDIR, this may be fixed. Can anyone confirm?
nudge @benmezger / @jasonmhite
@belak this still happens for me. Also, it's my first try enabling this, and gpg-agent is actually started by my current system already. I've seen there's some integration with ssh-agent, and I got a bit confused whether I should enable this integration or not. I had the ssh module in my .zpreztorc before, so what I did at the moment was just to add the gpg module to the list and leave the ssh module there. I'm not sure if this is fine.
I've also removed the ssh module from the .zpreztorc list and added enable-ssh-support to ~/.gnupg/gpg-agent.conf, but it didn't make a difference.
It still persists three years later.
Fixes it for me on Arch.
I think I now understand what's happening. I am also on Arch and start my gpg-agent by enabling the gpg-agent.socket via systemd. That results in the socket being created at /run/user/$UID/gnupg/S.gpg-agent.
However, the problem is also related to modern versions of gpg-agent (v2.1+) because it stopped using the environment variable $GPG_AGENT_INFO. This means the check via ps .. does not find any running gpg-agent instance at all and thus starts a new one (resulting in the message, as gpg-agent writes it when started with --daemon).
There are several ways to fix this, I think:
- Add support for not launching the gpg-agent via a setting in zpreztorc. This way the ssh-support part below can still be useful on its own (it may need to be slightly adapted). This is probably the least intrusive way.
- Add support for systemd launching the agent. This might also be a config option or a separate check as proposed above. However, the check afterwards still depends on $GPG_AGENT_HOME which is probably not set and thus would need to be adapted.
- Drop support for old versions of gpg-agent (<v2.1) and rewrite the module to either detect the systemd approach or start the agent as it is done now (but update the detection logic to be independent of the environment variable). I do think that is the "cleanest" solution, but I have no idea how widespread old versions of gpg are (I might check some common distributions though).
I can take a stab at implementing any solution, but I am not sure what the best option is. As this would be my first contribution to prezto, I am not sure which way would be preferred.
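One way to do the environment-independent detection discussed in the last comment, as an added example (not prezto's module code and not written by anyone in this thread). The function names are hypothetical, and the fallback socket path is the one quoted earlier in the thread.

```shell
# Added example: hypothetical helper functions, not prezto's gpg module.

# Ask the agent itself whether it is up. gpg-agent 2.1+ listens on a fixed
# socket, so this works whether it was started by systemd, by gpg on demand,
# or by hand, and does not depend on $GPG_AGENT_INFO or on parsing ps.
gpg_agent_running() {
  gpg-connect-agent --no-autostart /bye >/dev/null 2>&1
}

# Launch only when nothing answers, which avoids the
# "a gpg-agent is already running" message from a second --daemon start.
ensure_gpg_agent() {
  gpg_agent_running || gpgconf --launch gpg-agent
}

# Resolve the agent's SSH socket; fall back to the systemd-style path
# quoted in the thread if gpgconf is missing or prints nothing.
gpg_ssh_socket() {
  _sock=""
  if command -v gpgconf >/dev/null 2>&1; then
    _sock=$(gpgconf --list-dirs agent-ssh-socket 2>/dev/null) || _sock=""
  fi
  [ -n "$_sock" ] || _sock="/run/user/$(id -u)/gnupg/S.gpg-agent.ssh"
  printf '%s\n' "$_sock"
}

# Point ssh at gpg-agent. Dropping SSH_AGENT_PID keeps tools from addressing
# a separate ssh-agent; the -ne guard is the one from the .zshenv snippet
# posted earlier in the thread.
use_gpg_agent_for_ssh() {
  ensure_gpg_agent || return 1
  unset SSH_AGENT_PID
  if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then
    SSH_AUTH_SOCK=$(gpg_ssh_socket)
    export SSH_AUTH_SOCK
  fi
}
```

Call use_gpg_agent_for_ssh from the shell startup file, with the prezto ssh module disabled so that no separate ssh-agent takes over SSH_AUTH_SOCK.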