gpg-agent-ssh is an unnecessary dependency of gnupg
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gnupg (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Installing gnupg will also install and depend on gpg-agent(-ssh) which will replace ssh-agent.
This is bad due to the fact that gpg-agent-ssh takes an exclusive lock on all smartcards incorrectly yet does not actually support neither PIV or opensc-pkcs11 integration. Until gnupg/gpg-
Meaning gpg-agent-ssh will be installed and break PIV-based SSH authentication. gpg-agent-ssh should NOT be installed unless specifically requested, the very least it should NOT be enabled in any way unless explicitly requested. It's a boneheaded nuisance of a dependency right now.
Also confirmed five years ago in this issue https:/ /github. com/OpenSC/ OpenSC/ issues/ 953