GPG-Agent – Using gpg-agent Between Different Sessions

I am trying to set up gpg-agent

When I log in to my machine (via SSH) and invoke gpg, it asks for a password every time (it does not start gpg-agent automatically).

When I start gpg-agent manually using:

eval "$(gpg-agent --daemon)"

then the next invocation of gpg actually launches the agent, and after typing my password once, I can then use gpg without a password. Also, I see a socket has been created in $HOME/.gnupg/S.gpg-agent=

When I log out and log in again (ssh), I see the socket still exists in $HOME/.gnupg/S.gpg-agent= and ps shows that the agent is running, but every invocation of gpg asks for a password, as if there were no agent.

I have added this to my .bashrc:

GPG_TTY=$(tty)
export GPG_TTY

but that does not seem to help.

I find the behaviour of gpg-agent very confusing. I am familiar with ssh-agent, and its behaviour is straightforward and understandable.

How can I use gpg-agent the same way as I would use ssh-agent?

For comparison, this is how ssh-agent behaves:

After I boot my machine and login for the first time, I launch ssh-add manually and type my pass phrase once.

Then, every time I log in to my machine (X, console, ssh, …) I can use the agent (I don't need to type my password again). This is done by adding the following line to .bashrc:

export SSH_AUTH_SOCK="$(find /tmp/ssh-*/agent.* -uid $(id -u) -type s -print -quit 2>/dev/null)"

Best Answer

gpg does not look for the socket (this is different with the new version 2.1) but for the environment variable GPG_AGENT_INFO. This is not set on log in. That is the problem. Obviously you have the option use-standard-socket in gpg-agent.conf so that the socket name is always the same.

You should set the variable in a login script and run a simple script afterwards which checks whether gpg-agent is running:

export GPG_AGENT_INFO=/path/to/your/HOME/.gnupg/S.gpg-agent:42:1
gpg-connect-agent /bye &>/dev/null || gpg-agent --daemon &>/dev/null

That is the part for using gpg. For SSH you also need SSH_AUTH_SOCK. The easiest way to get both variables set is to add the line

write-env-file "${HOME}/.gpg-agent-info"

to the config file gpg-agent.conf and to run this script after the above:

. "${HOME}/.gpg-agent-info"
export SSH_AUTH_SOCK

This is explained in the gpg-agent man page.
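Putting the answer's pieces together as one login-shell snippet, as an added example that is not part of the original answer. It assumes gpg-agent 2.0 with write-env-file in gpg-agent.conf (which writes GPG_AGENT_INFO, SSH_AUTH_SOCK and SSH_AGENT_PID lines to ~/.gpg-agent-info), and the gpg-connect-agent and gpg-agent binaries on PATH; the file name AGENT_INFO_FILE and the function names are my own. The sample info file it writes is constructed for demonstration. Instead of sourcing the file with `.`, it reads only the three expected keys, so a modified file cannot run arbitrary commands in the login shell.

```sh
#!/bin/bash
# Added example (not from the original answer). Assumes gpg-agent 2.0 with
# "write-env-file" in gpg-agent.conf, which produces lines such as
#   GPG_AGENT_INFO=/home/user/.gnupg/S.gpg-agent:12345:1
#   SSH_AUTH_SOCK=/tmp/gpg-xxxx/S.gpg-agent.ssh
#   SSH_AGENT_PID=12345
# The file path below is an assumption; match it to your gpg-agent.conf.
AGENT_INFO_FILE="${AGENT_INFO_FILE:-$HOME/.gpg-agent-info}"

# Constructed sample in the shape write-env-file produces (demo data only).
write_sample_info() {
    cat > "$1" <<'EOF'
GPG_AGENT_INFO=/home/alice/.gnupg/S.gpg-agent:4242:1
SSH_AUTH_SOCK=/tmp/gpg-AbCdEf/S.gpg-agent.ssh
SSH_AGENT_PID=4242
echo injected   # a stray line like this is ignored, never executed
EOF
}

# Print the value of one expected key from the info file without sourcing
# it. Returns 1 when the file is unreadable or the key is absent.
agent_info_value() {
    local file="$1" want="$2" line
    [ -r "$file" ] || return 1
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            "$want"=*)
                printf '%s\n' "${line#*=}"
                return 0 ;;
        esac
    done < "$file"
    return 1
}

# Socket path from a GPG_AGENT_INFO value of the form "socket:pid:protocol".
agent_socket_path() {
    printf '%s\n' "${1%%:*}"
}

# True only if the agent named by the current GPG_AGENT_INFO answers.
agent_alive() {
    command -v gpg-connect-agent >/dev/null 2>&1 || return 1
    gpg-connect-agent /bye >/dev/null 2>&1
}

# Called from .bashrc: export the recorded variables, then start an agent
# only when none answers (a stale file after reboot is handled this way).
ensure_gpg_agent() {
    local info sock
    GPG_TTY=$(tty); export GPG_TTY
    if info=$(agent_info_value "$AGENT_INFO_FILE" GPG_AGENT_INFO); then
        export GPG_AGENT_INFO="$info"
        if sock=$(agent_info_value "$AGENT_INFO_FILE" SSH_AUTH_SOCK); then
            export SSH_AUTH_SOCK="$sock"
        fi
    fi
    if ! agent_alive; then
        # gpg-agent prints the export lines itself; --write-env-file
        # refreshes the file for the next login.
        eval "$(gpg-agent --daemon --enable-ssh-support \
                          --write-env-file "$AGENT_INFO_FILE")"
    fi
}
```

Source this file from .bashrc and call `ensure_gpg_agent`; every new SSH session then picks up the agent that is already running instead of prompting again, and the passphrase is only asked once per agent lifetime.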
