From owner-freebsd-questions@freebsd.org Thu Jul 15 00:42:35 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D75FE65AAD7 for ; Thu, 15 Jul 2021 00:42:35 +0000 (UTC) (envelope-from tomek@cedro.info) Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com [IPv6:2a00:1450:4864:20::42b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4GQFvZ61SPz3R5k for ; Thu, 15 Jul 2021 00:42:34 +0000 (UTC) (envelope-from tomek@cedro.info) Received: by mail-wr1-x42b.google.com with SMTP id a13so5384906wrf.10 for ; Wed, 14 Jul 2021 17:42:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cedro.info; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=K4nR2oaS84xx32zikfqWkPhJnpB3fTjWDwfaF7hiFWs=; b=b4H5t3+DyjpdqlzVJnR3G3FJ4I+GNcvY9s2TgqGgCrzcu8SkBIMWXYBJN9PtB1K+qM PuW9LIZNbiFbHJAan3Q1fqvEyUoUm3T6kIETSrj9TQJQxCqnK1xeag0/ruc8PEtJgpBx yJwRaT/BVS8HiP07m6mrvHukI+beSmx/dt0UyMUM/NCpniBtNiS4K/gF7jlsoTgDUxUU +2ZejRluOCjPEKQD766WxgbdZ2UkfISiDB/LQBhVClAe0GhrGtFTWUN6GPqvLrY5W4BZ thUqkcOYspnlE2wldxXHU4VmNr/FwVZt3G/baPvbjpZuRTyaJsrUMadqwXZgoi6al4Kl EZLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=K4nR2oaS84xx32zikfqWkPhJnpB3fTjWDwfaF7hiFWs=; b=NFd7dJOVCvfl1TO9gWBvYZ8PvcqVD0Wvfp78+Zcul2X9CU6t2ZQfRt6s/ZqPxjrwaW UawwB9HJlpf9yfaxKyVffPm6lL14tH4tc+A2baP4ed7e05fTzJ+I4FbAQkS84jNT58Nl DNtxmiYMc72TouPSsTPnpofv74Lvoln98qfZUnEEfg7u4TvxpD5j/fQYYOvMEP+VdTVc WtS5lJu78IjQZr1q77mwjo7Cj44qVuRDpY4p05hyAdXsGT3/0H6ljWq8PlrhIYjYLaSI FKJ1gCJ5PICX/vY5yjj8F0+O12SFp+uud+8Itzv8Cd7B7RpgnyiKc/13Tk2vYib5gXGg /3Hg== X-Gm-Message-State: AOAM531k6H+cQNEGofYGXF7P75gzSOzk23aSUFygEI4zDAhCyX7NgWgA 0jYkWnH+X+ygy//Z/N0NzEBC7sHe41aifFBuVNo8UC/m7HVF89OX X-Google-Smtp-Source: ABdhPJwGBBwtEM6yBeG2O+U15a2OEO/gDda54dbMDixOFUL9wCoESNPSBSmgoqAPh4IDtku5cY1+31LmWjwKAt9P2kM= X-Received: by 2002:a5d:6c6e:: with SMTP id r14mr915522wrz.242.1626309753181; Wed, 14 Jul 2021 17:42:33 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Tomasz CEDRO Date: Thu, 15 Jul 2021 02:42:10 +0200 Message-ID: Subject: Re: how to load ssh-agent into x11/sddm To: tech-lists@zyxst.net Cc: FreeBSD Questions Mailing List Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4GQFvZ61SPz3R5k X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=cedro.info header.s=google header.b=b4H5t3+D; dmarc=none; spf=none (mx1.freebsd.org: domain of tomek@cedro.info has no SPF policy when checking 2a00:1450:4864:20::42b) smtp.mailfrom=tomek@cedro.info X-Spamd-Result: default: False [-3.10 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[cedro.info:s=google]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-0.80)[-0.798]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[cedro.info]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::42b:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[cedro.info:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::42b:from]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::42b:from]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2021 00:42:35 -0000 On Wed, Jul 14, 2021 at 7:16 PM tech-lists wrote: > (..) > What I'd like to know is, is it possible to load ssh-agent once either > before, or within, the sddm greeter so that previous ssh-agent behaviour > is restored? I assume you want to use gpg-agent to act as ssh-agent so you can use your smartcard for ssh? You can put that in your ~/.profile: GPG_TTY=$(tty) export GPG_TTY #/usr/local/bin/gpg-agent --daemon SSH_AUTH_SOCK="$HOME/.gnupg/S.gpg-agent.ssh"; export SSH_AUTH_SOCK You can uncomment the gpg-agent launcher line, but I prefer to start it by hand when needed. If you uncomment this line new agent wont spawn if there is already agent running. You can also set this in ~/.gnupg/gpg-agent.conf: enable-ssh-support pinentry-program /usr/local/bin/pinentry-qt5 This will allow you to use gpg with ssh. If you want to use usb smartcard with private key you also need scdaemon. All options explained here: https://www.gnupg.org/documentation/manuals/gnupg/Agent-Options.html Pinentry is the pop up window that will ask for card pin. For KDE that would be QT5 variant, but these are available: pinentry-1.1.1 pinentry-curses-1.1.1 pinentry-efl-1.1.1 pinentry-fltk-1.1.1 pinentry-gnome3-1.1.1 pinentry-gtk2-1.1.1 pinentry-qt5-1.1.1 pinentry-tty-1.1.1 Hope that helps :-) -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info