Xfce4, ssh-agent, and smartcards

This is more of a note for myself to not forget this again.

As I said the other day I’m not liking Gnome 3 so much; while the “fallback mode” looks more usable than the shell itself, the fact that to get to the tweaker tool I have to install shell anyway is a bit bothersome. I set up the desktop already, as I said, to use part of Gnome3 stuff, mostly because of a bug in Evolution 2, but now it’s the turn of the laptop, as Gnome 3 has been unmasked

Incidentally, my desktop, and thus my main work environment, is currently unavailable; after the outages of the other day I found out that one of my two UPSes had a fried board, and it couldn’t work without mains running.. given they are doing heavy work on the power line, and the fact that I had to clean up my home office already as new furniture is scheduled to arrive next week, I decided to simply put it away until the new desks are in. Why do the job twice?

At any rate, I decided to go with Xfce4 on the laptop as well, even though this seems to have a slightly different configuration and that spells trouble with Gtk3 for now – in particular fonts are huge, and I don’t know yet why; xdpyinfo reports the correct DPI value for the monitor, and the correct size in millimetres – it still is better than Gnome3. Interestingly enough, the way Xfce4 handles ssh-agent and gpg-agent is quite nice: indeed it actually relies on using gpg-agent with ssh support instead of both of them separately, which is generally compatible with using OpenPGP cards for SSH authentication, but it is a bit incompatible with my suggested script (which I should actually update, at another time, since I modified it a bit since last time).

It is true that I could probably just suggest a few changes to Xfce’s handling code and get it to behave exactly like mine, or at least in a compatible way (the startxfce4 code is very neat, and very hackable!), but for now I wanted to sidestep the issue altogether. I just need for the session script not to override what I set myself. So how do you do that? Simple enough it seems:

% xfconf-query -c xfce4-session -p /startup/ssh-agent/enabled -t bool -s false -n
% xfconf-query -c xfce4-session -p /startup/gpg-agent/enabled -t bool -s false -n

By the way, the reason why I’m not going to spend time trying to fix the compatibility issue between my script and the original code is actually quite simple: the only difference I see is the placement of the agent sockets: my current script uses the standard socket locations (~/.gnupg/S.gpg-agent and ~/.gnupg/S.gpg-agent.ssh), while Xfce4 says nothing and gets the random, temporary locations instead. In the next GnuPG minor version, the default will be changed to use the standard location, so Xfce4 session will be automagically fixed.. that’s about the only reason why I don’t want to spend time on it now.

At least by blogging this I’ll remember how to get back to Xfce4-handled agents, and adapt my script to integrate with that.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s