jorgelbg / pinentry-touchid

Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain.
Apache License 2.0
559 stars, 27 forks

Doesn't prompt for ssh connection #42

Open kidylee opened 4 days ago

kidylee commented 4 days ago

**Describe the bug**

Followed this link to set up PGP as SSH key agent: https://gist.github.com/mcattarinussi/834fc4b641ff4572018d0c665e5a94d3

It works with pinentry-mac, but Touch ID doesn't prompt when running `ssh -T git@github.com`.

**System information**

macOS

GPG

```
Home: /Users/kidylee/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
```

- Installed via Homebrew? Yes

**Configuration**

```
pinentry-program /opt/homebrew/opt/pinentry-touchid/bin/pinentry-touchid
enable-ssh-support
default-cache-ttl 1
debug-level basic
log-file /Users/kidylee/.gnupg/gpg-agent.log
```


**Logs**

```
2024-11-19 16:18:43 gpg-agent[59579] ssh handler 0x16eedb000 for fd 8 started
2024-11-19 16:18:43 gpg-agent[59579] ssh request handler for extension (27) started
2024-11-19 16:18:43 gpg-agent[59579] ssh-agent extension 'session-bind@openssh.com' received
2024-11-19 16:18:43 gpg-agent[59579] ssh-agent extension 'session-bind@openssh.com' not supported
2024-11-19 16:18:43 gpg-agent[59579] ssh request handler for extension (27) ready
2024-11-19 16:18:43 gpg-agent[59579] ssh request handler for request_identities (11) started
2024-11-19 16:18:43 gpg-agent[59579] no running /opt/homebrew/Cellar/gnupg/2.4.6/libexec/scdaemon daemon - starting it
2024-11-19 16:18:43 gpg-agent[59579] DBG: chan_10 <- OK GNU Privacy Guard's Smartcard server ready, process 59591
2024-11-19 16:18:43 gpg-agent[59579] first connection to daemon /opt/homebrew/Cellar/gnupg/2.4.6/libexec/scdaemon established
2024-11-19 16:18:43 gpg-agent[59579] DBG: chan_10 -> GETINFO socket_name
2024-11-19 16:18:43 gpg-agent[59579] DBG: chan_10 <- D /Users/kidylee/.gnupg/S.scdaemon
2024-11-19 16:18:43 gpg-agent[59579] DBG: chan_10 <- OK
2024-11-19 16:18:43 gpg-agent[59579] DBG: additional connections at '/Users/kidylee/.gnupg/S.scdaemon'
2024-11-19 16:18:43 gpg-agent[59579] DBG: chan_10 -> OPTION event-signal=31
2024-11-19 16:18:43 gpg-agent[59579] DBG: chan_10 <- OK
2024-11-19 16:18:43 gpg-agent[59579] DBG: chan_10 -> SERIALNO --all
2024-11-19 16:18:43 gpg-agent[59579] DBG: chan_10 <- ERR 100696144 Operation not supported by device
2024-11-19 16:18:43 gpg-agent[59579] error getting list of cards: Operation not supported by device
2024-11-19 16:18:43 gpg-agent[59579] DBG: sshkeys[0]: order=100012, pubkey=0x0000000154817c00 sn=(null)
2024-11-19 16:18:43 gpg-agent[59579] ssh request handler for request_identities (11) ready
2024-11-19 16:18:43 gpg-agent[59579] ssh request handler for sign_request (13) started
2024-11-19 16:18:43 gpg-agent[59579] starting a new PIN Entry
2024-11-19 16:18:43 gpg-agent[59579] DBG: connection to PIN entry established
2024-11-19 16:18:43 gpg-agent[59579] You may want to update to a newer pinentry
2024-11-19 16:18:43 gpg-agent[59579] DBG: error calling pinentry: Operation cancelled
2024-11-19 16:18:43 gpg-agent[59579] failed to unprotect the secret key: Operation cancelled
2024-11-19 16:18:43 gpg-agent[59579] failed to read the secret key
2024-11-19 16:18:43 gpg-agent[59579] ssh sign request failed: Operation cancelled
2024-11-19 16:18:43 gpg-agent[59579] ssh request handler for sign_request (13) ready
2024-11-19 16:18:44 gpg-agent[59579] DBG: chan_10 -> RESTART
2024-11-19 16:18:44 gpg-agent[59579] DBG: chan_10 <- OK
2024-11-19 16:18:44 gpg-agent[59579] ssh handler 0x16eedb000 for fd 8 terminated
```


It would be very useful for us if you could enable the `basic` debug info for your `gpg-agent` and attach the generated log. Add the following to your `~/.gpg-agent.conf`:


```
debug-level basic
log-file /Users//.gnupg/gpg-agent.log
```


Reload `gpg-agent` with the following command:

```sh
$ gpg-connect-agent reloadagent /bye
```

Add/attach the relevant section of the log to this issue (feel free to redact your key IDs).

**pinentry-touchid**

pinentry-touchid also generates its own log, which you can find in `$TMPDIR/pinentry-touchid.log`.
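A small triage helper, added here and not part of the pinentry-touchid project or of this report, that groups the failure lines of a `gpg-agent` `debug-level basic` log by the ssh request handler that was active when they were logged, so the `error calling pinentry: Operation cancelled` inside `sign_request` stands out from the unrelated scdaemon card error. The sample log is constructed from the line format quoted above; the handler and error message texts are the ones gpg-agent emits there.

```python
import re
from collections import defaultdict

# Constructed sample in the gpg-agent "debug-level basic" log format quoted in the
# issue above (timestamp and pid are made up; the message texts are gpg-agent's).
SAMPLE_LOG = """\
2024-11-19 16:18:43 gpg-agent[59579] ssh request handler for request_identities (11) started
2024-11-19 16:18:43 gpg-agent[59579] error getting list of cards: Operation not supported by device
2024-11-19 16:18:43 gpg-agent[59579] ssh request handler for request_identities (11) ready
2024-11-19 16:18:43 gpg-agent[59579] ssh request handler for sign_request (13) started
2024-11-19 16:18:43 gpg-agent[59579] starting a new PIN Entry
2024-11-19 16:18:43 gpg-agent[59579] DBG: error calling pinentry: Operation cancelled
2024-11-19 16:18:43 gpg-agent[59579] failed to unprotect the secret key: Operation cancelled
2024-11-19 16:18:43 gpg-agent[59579] ssh sign request failed: Operation cancelled
2024-11-19 16:18:43 gpg-agent[59579] ssh request handler for sign_request (13) ready
"""

LINE_RE = re.compile(r"^\S+ \S+ gpg-agent\[\d+\] (?:DBG: )?(?P<msg>.*)$")
HANDLER_RE = re.compile(r"^ssh request handler for (?P<name>\w+) \(\d+\) (?P<state>started|ready)$")
ERROR_RE = re.compile(r"^(?P<what>error calling pinentry|failed to unprotect the secret key"
                      r"|ssh sign request failed|error getting list of cards): (?P<reason>.+)$")


def triage(log_text):
    """Group gpg-agent failure lines by the ssh request handler active when they occurred.

    Returns {handler_name: [(what, reason), ...]}; lines logged outside any
    'started ... ready' pair are filed under '(no handler)'.
    """
    current, errors = "(no handler)", defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue  # not a gpg-agent line (blank or foreign)
        msg = m.group("msg")
        h = HANDLER_RE.match(msg)
        if h:  # track which ssh handler is currently running
            current = h.group("name") if h.group("state") == "started" else "(no handler)"
            continue
        e = ERROR_RE.match(msg)
        if e:
            errors[current].append((e.group("what"), e.group("reason")))
    return dict(errors)


def pinentry_cancelled(errors):
    """True when an ssh sign_request failed because pinentry reported 'Operation cancelled',
    i.e. the agent never received a passphrase from the configured pinentry program."""
    return any(what == "error calling pinentry" and reason == "Operation cancelled"
               for what, reason in errors.get("sign_request", []))
```

Run `triage(open(log_path).read())` on the real `gpg-agent.log` to see which handler each failure belongs to; a `sign_request` entry with `error calling pinentry` points at the pinentry program rather than at the ssh side.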