From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id AGlcDZPPqmIZZgEAbAwnHQ (envelope-from ) for ; Thu, 16 Jun 2022 08:37:07 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id WJZfDJPPqmL01QAAG6o9tA (envelope-from ) for ; Thu, 16 Jun 2022 08:37:07 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id B3171FBD9 for ; Thu, 16 Jun 2022 08:37:05 +0200 (CEST) Received: from localhost ([::1]:54230 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1o1j7n-0001Ks-TY for larch@yhetil.org; Thu, 16 Jun 2022 02:37:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:42462) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1o1j5r-0001Hm-Mv for bug-guix@gnu.org; Thu, 16 Jun 2022 02:35:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:46618) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1o1j5r-0005Hn-ES for bug-guix@gnu.org; Thu, 16 Jun 2022 02:35:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1o1j5r-00066N-9g for bug-guix@gnu.org; Thu, 16 Jun 2022 02:35:03 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#54950: Connecting to remote guix daemon with encrypted SSH key fails Resent-From: Arun Isaac Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Thu, 16 Jun 2022 06:35:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 54950 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Maxim Cournoyer Cc: 54950@debbugs.gnu.org Received: via spool by 54950-submit@debbugs.gnu.org id=B54950.165536127823383 (code B ref 54950); Thu, 16 Jun 2022 06:35:03 +0000 Received: (at 54950) by debbugs.gnu.org; 16 Jun 2022 06:34:38 +0000 Received: from localhost ([127.0.0.1]:40507 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1o1j5S-000655-55 for submit@debbugs.gnu.org; Thu, 16 Jun 2022 02:34:38 -0400 Received: from mugam.systemreboot.net ([139.59.75.54]:46418) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1o1j5P-00064t-1B for 54950@debbugs.gnu.org; Thu, 16 Jun 2022 02:34:36 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=systemreboot.net; s=default; h=Content-Type:MIME-Version:Message-ID:Date: References:In-Reply-To:Subject:Cc:To:From:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=qmCJ9xfk31uLLXYq5Basof3K1tbjIOC8vOlwGnpotqQ=; b=fcNbBXlzC9lGgQQFbj+qmBc3K1 3wAexca9nz9z1ZRDmYvZFk9cEIz18vcBwRSdlYJhw8dGS85HE05Xs71qzjaufvazuW5ewHaK08Hz1 tDocb4xAiDsrj1+6lOyeUPza1LqNbzWxPD7kg03Ddnc5Cy5DPQX5HBUtk6tl95yhC36vmkmCrSVTV xjgb15J4AVUXMiJ7+G0QkrFl/GLqrY2nT7QwgiqlidQLalY309KuVsNMhZcCI6fmxczLooTIxk4bN KZNuwzTCGOLbDonxqQBnTTP1UanTmxeErV1PRIit6RbsimyN/ut5AAthSVoeblm4mfhmNy/5kz+me va1C6lag==; Received: from [192.168.2.1] (port=4786 helo=steel) by systemreboot.net with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1o1j5L-000EUa-A4; Thu, 16 Jun 2022 12:04:31 +0530 From: Arun Isaac In-Reply-To: <8735g6dj4t.fsf@gmail.com> References: <87pmli1u3e.fsf@systemreboot.net> <87a6amkie3.fsf@gmail.com> <87sfo630c3.fsf@systemreboot.net> <8735g6dj4t.fsf@gmail.com> Date: Thu, 16 Jun 2022 12:04:30 +0530 Message-ID: <87ilp12k21.fsf@systemreboot.net> MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1655361427; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=qmCJ9xfk31uLLXYq5Basof3K1tbjIOC8vOlwGnpotqQ=; b=FSpznd1+YviUsyBuEB6iuNsJl4puTaOYb3vBwuHe2BE+jZkNLG9L8JDhdVDyHLHSSVYhhS g4PriYCyD+vgujXGu6ITTcLwm4x1vnujxzF8NW1337SHYSGQyjIYa1T0j/HToU3+cmtEZ7 /l5vMMC7rhnGonjns3tmAJ4s/LABfgnbmDRjLYzt2FKMg9pMv83kM49HBltTgfBxD4FekZ JuWUuiD2VNkS/yy3Ld1RNItY2WKjRlcNmYJ0A6sNHiQz2j0MCRIQUuUKPYSQdccdRmSicl cjG9NR37ngHboh4Eu0mJAvZyqIqjJzTrxKsa567ukT1Akdm7jqzwEfo+cpEjuA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1655361427; a=rsa-sha256; cv=none; b=hZRF6PeyweHP5f5hlQp55wYzxq4qkE2XsVA7IWDFpH70bcNg0a+PTIVtF43Iv7tKAbVJS+ Day6VdeG7zHpXt9VCPHLUBvVf692+pnMWP7lVB+8hvmrU8wWkCKZiaBc8zao17DT5OKHDb 5Z24gYxhY3ZdQH1ujDIozsPQbVGbXBoqpOZ16mmJBVVu54I6o+rmhphiHqRUe5zDuUpXey 0OCY2d6CnDRWtiSYbxFHsFTsshb8UwW9jB4G/WWTv0c8i2xqMqxJR6g3sTpv7D6ut1g3qk IaEotJsVDK8COtPDUGxJ8tp7VdoMauKSDHeYt/B8Hd77X0Yyd465whL91xG+JQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=systemreboot.net header.s=default header.b=fcNbBXlz; dmarc=fail reason="SPF not aligned (relaxed)" header.from=systemreboot.net (policy=none); spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: 4.41 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=systemreboot.net header.s=default header.b=fcNbBXlz; dmarc=fail reason="SPF not aligned (relaxed)" header.from=systemreboot.net (policy=none); spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: B3171FBD9 X-Spam-Score: 4.41 X-Migadu-Scanner: scn0.migadu.com X-TUID: 1x+FbCs1Opp6 Hi Maxim, I normally use neither OpenSSH's ssh-agent nor gpg-agent's ssh-agent feature. But, when I do, it works. I didn't run into any pinentry issues like you described. But, that's only because a passphrase entry is not required at the time of `guix build'. Passphrase entry is required only at the time of `ssh-add' when I am adding the key to the ssh-agent. Just to be clear, here are the exact steps I used to set up gpg-agent. Enable gpg's ssh-agent feature $ echo use-agent >> ~/.gnupg/gpg.conf $ echo enable-ssh-support >> ~/.gnupg/gpg-agent.conf pkill and restart gpg-agent (command not shown). Then, add the key to gpg's ssh-agent. A passphrase is prompted at this point. $ ssh-add ~/.ssh/id_ecdsa guix build with remote daemon. A passphrase is not prompted at this point because it was already added into the ssh-agent in the last step. $ SSH_AUTH_SOCK=/run/user/1000/gnupg/S.gpg-agent.ssh GUIX_DAEMON_SOCKET=ssh://foo guix build -v3 hello So, with an ssh-agent, guix build on a remote daemon works. But, I'd like it to work without an ssh-agent. Is that possible? Regards, Arun