loft-sh / devpod

Codespaces but open-source, client-only and unopinionated: Works with any IDE and lets you use any cloud, kubernetes or just localhost docker.
https://devpod.sh
Mozilla Public License 2.0

Cannot forward gpg-agent in DigitalOcean machine #1112

Closed pan93412 closed 3 months ago

pan93412 commented 3 months ago

What happened?

Without GPG_AGENT_FORWARDING, everything works great.

I enable GPG_AGENT_FORWARDING explicitly with:

```
devpod context set-options default -o GPG_AGENT_FORWARDING=true
```

Then, I create a workspace from a template:

[Screenshot of the workspace creation dialog, taken 2024-06-05]

However, when I try to connect to the machine with ssh, I always see the error `Error tunneling to container: EOF`.

Full logs (--debug enabled):

```
20:42:08 debug Successfully connected to container
20:42:08 info Execute SSH server command: bash -c cat /var/run/devpod/result.json
20:42:08 info Execute SSH server command: bash -c su -c "gpg -K" 'vscode'
20:42:08 debug Successfully parsed result at /var/run/devpod/result.json
20:42:08 debug gpg: exporting gpg public key from host
20:42:08 debug gpg: exporting gpg owner trust from host
20:42:08 debug gpg: detecting gpg-agent socket path on host
20:42:08 debug gpg: detected gpg-agent socket path /Users/pan93412/.gnupg/S.gpg-agent.extra
20:42:08 info Execute SSH server command: bash -c '/usr/local/bin/devpod' agent container credentials-server --user 'vscode' --configure-git-helper --configure-docker-helper --debug
20:42:08 debug gpg: detected git sign key <...>
20:42:08 debug ssh: starting reverse forwarding socket /Users/pan93412/.gnupg/S.gpg-agent.extra
20:42:08 info Reverse forwarding local unix//Users/pan93412/.gnupg/S.gpg-agent.extra to remote unix//Users/pan93412/.gnupg/S.gpg-agent.extra
20:42:08 debug gpg: start reverse forward of gpg-agent socket /Users/pan93412/.gnupg/S.gpg-agent.extra, keeping connection open
20:42:08 debug Received ping from agent
20:42:08 info attempt to bind socket /Users/pan93412/.gnupg/S.gpg-agent.extra
20:42:08 info /Users/pan93412/.gnupg/S.gpg-agent.extra already exists, removing
20:42:09 debug Start credentials server
20:42:09 error Error tunneling to container: EOF
20:42:09 debug Container tunnel exited
20:42:09 debug Error running credential server: wait: remote command exited without exit status or exit signal
20:42:09 debug Connection to container closed
20:42:09 fatal error forwarding /Users/pan93412/.gnupg/S.gpg-agent.extra: EOF
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535
```

What did you expect to happen instead?

I should be able to connect to my machine, and sign commits with my GPG keys.

How can we reproduce the bug? (as minimally and precisely as possible)

  1. Create a DigitalOcean provider, with:
    1. Region: sgp1
    2. Disk Image: ubuntu-24-04-x64
    3. Disk Size: 50 (GB)
    4. Machine Type: s-4vcpu-8gb-amd
    5. Inject Docker/Git Credentials: true
    6. Reuse Machine: yes
  2. Create a workspace with the Rust example. Select the Provider you created in the Step 1.
  3. Wait until it is up. Then, connect to the pod with `ssh vscode-remote-try-rust.devpod`. You may see the error message:
    20:42:09 fatal error forwarding /Users/pan93412/.gnupg/S.gpg-agent.extra: EOF
    kex_exchange_identification: Connection closed by remote host
    Connection closed by UNKNOWN port 65535
  4. Add the --debug flag to the ProxyCommand in .ssh/config, and re-run with ssh -vvv. You may see more detailed errors.

Local Environment:

DevPod Provider:

Anything else we need to know?
I can provide the DigitalOcean token privately if you need to start a DigitalOcean instance to test.

pascalbreuninger commented 3 months ago

Hey @pan93412, thanks for reporting this issue. Do you use the GPG Keychain application on macOS by chance?

pan93412 commented 3 months ago

> Hey @pan93412, thanks for reporting this issue. Do you use the GPG Keychain application on macOS by chance?

Yeah, I manage my GPG keys with GPG Keychain (https://gpgtools.org).

pascalbreuninger commented 3 months ago

@pan93412 There are two default keys bundled by the GPG Team. The older one of them, for whatever reason, breaks gpg key forwarding. If you don't need it, can you remove it and try again?

pan93412 commented 3 months ago

> @pan93412 There are two default keys bundled by the GPG Team. The older one of them, for whatever reason, breaks gpg key forwarding. If you don't need it, can you remove it and try again?

It works. Thank you!!
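The debug log in the report shows the steps DevPod performs for GPG forwarding: export the host's public key and owner trust into the workspace, then reverse-forward the host's `S.gpg-agent.extra` socket over SSH, unlinking a stale remote socket first. The script below is an added example, not DevPod's own code and not something from this thread, that reproduces those steps by hand so the forwarding can be tested outside DevPod, and that filters `gpg --list-keys --with-colons` output by uid so a suspect bundled key can be found and removed as the maintainer suggested. It assumes `gpg` and `gpgconf` on both ends, an OpenSSH client that understands `StreamLocalBindUnlink`, and that the bundled keys carry the substring `GPGTools` in their uid; the colon-format listing embedded in it is constructed, not a real keyring.

```shell
#!/bin/sh
# Added example (not DevPod code): manual gpg-agent forwarding plus a keyring
# uid filter. Assumes gpg/gpgconf on host and remote, OpenSSH with
# StreamLocalBindUnlink, and "GPGTools" in the uid of the bundled keys.
set -eu

# Print the primary-key fingerprint of every key whose uid contains PATTERN.
# Reads `gpg --list-keys --with-colons` records on stdin. Both pub and sub
# records are followed by an fpr record, so only the fpr after a pub is kept.
keys_with_uid() {
  awk -F: -v pat="$1" '
    $1 == "pub" { in_primary = 1; fpr = ""; next }
    $1 == "sub" { in_primary = 0; next }
    $1 == "fpr" && in_primary && fpr == "" { fpr = $10; next }
    $1 == "uid" && fpr != "" && index($10, pat) { print fpr; fpr = "" }
  '
}

# Build the OpenSSH -R spec: the remote agent socket path is bound on the
# remote side; connections to it are relayed to the host's *extra* socket,
# the restricted socket GnuPG intends for forwarding.
forward_spec() {  # forward_spec REMOTE_AGENT_SOCKET LOCAL_EXTRA_SOCKET
  printf '%s:%s' "$1" "$2"
}

# Ship public key and owner trust to HOST, then open a session that forwards
# the agent socket and attempts a signature with KEYID (the same sequence the
# debug log shows DevPod running).
forward_gpg_agent() {  # forward_gpg_agent HOST KEYID
  host=$1; keyid=$2
  local_sock=$(gpgconf --list-dirs agent-extra-socket)
  remote_sock=$(ssh "$host" gpgconf --list-dirs agent-socket)
  gpg --armor --export "$keyid" | ssh "$host" gpg --import
  gpg --export-ownertrust | ssh "$host" gpg --import-ownertrust
  # StreamLocalBindUnlink removes a stale remote socket, matching the
  # "already exists, removing" step in the log.
  ssh -o StreamLocalBindUnlink=yes -R "$(forward_spec "$remote_sock" "$local_sock")" "$host" \
    "gpg -K && echo test | gpg --clearsign --local-user '$keyid' >/dev/null && echo signing-ok"
}

# Constructed sample listing (not a real keyring): one key with a GPGTools
# uid, one ordinary user key; each has a subkey with its own fpr record.
SAMPLE_LISTING='pub:u:4096:1:AAAAAAAAAAAAAAAA:1500000000:::u:::scESC::::::23::0:
fpr:::::::::1111111111111111111111111111111111111111:
uid:u::::1500000000::HASH1::GPGTools Example <gpgtools-example@example.com>::::::::::0:
sub:u:4096:1:BBBBBBBBBBBBBBBB:1500000000::::::e::::::23:
fpr:::::::::2222222222222222222222222222222222222222:
pub:u:4096:1:CCCCCCCCCCCCCCCC:1600000000:::u:::scESC::::::23::0:
fpr:::::::::3333333333333333333333333333333333333333:
uid:u::::1600000000::HASH2::Example User <user@example.com>::::::::::0:
sub:u:4096:1:DDDDDDDDDDDDDDDD:1600000000::::::e::::::23:
fpr:::::::::4444444444444444444444444444444444444444:'

# Run the uid filter over the constructed sample; prints only the GPGTools key.
demo_find_bundled_key() {
  printf '%s\n' "$SAMPLE_LISTING" | keys_with_uid GPGTools
}

# Real usage (requires gpg, gpgconf and an SSH host; not run here):
#   gpg --list-keys --with-colons | keys_with_uid GPGTools
#   gpg --delete-keys <fingerprint>            # drop the suspect bundled key
#   forward_gpg_agent vscode-remote-try-rust.devpod <your-signing-key-id>
```

Run `keys_with_uid` against the live keyring to get the fingerprints of the bundled keys, delete the one you do not need, then run `forward_gpg_agent` against the workspace host; if `signing-ok` is printed, the forwarded agent answered a signing request and git commit signing inside the workspace should work too.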