I am trying to set up gpg-agent.
When I log in to my machine (via SSH) and invoke gpg, it asks for password every time (it does not start gpg-agent automatically).
When I start gpg-agent manually using:
eval "$(gpg-agent --daemon)"
then next invocation of gpg actually launches the agent, and after typing my password once, I can then use gpg without password. Also, I see a socket has been created in $HOME/.gnupg/S.gpg-agent=
When I log out and log in again (ssh), I see the socket still exists in $HOME/.gnupg/S.gpg-agent= and ps shows that the agent is running, but every invocation of gpg asks for password, as if there was no agent.
I have added this to my .bashrc:
GPG_TTY=$(tty)
export GPG_TTY
but that does not seem to help.
I find the behaviour of gpg-agent very confusing. I am familiar with ssh-agent and that behaves in a straightforward and understandable way.
How can I use gpg-agent the same way as I would use ssh-agent?
For comparison, this is how ssh-agent behaves:
After I boot my machine and log in for the first time, I launch ssh-add manually and type my pass phrase once.
Then, every time I log in to my machine (X, console, ssh, …) I can use the agent (I don't need to type my password again). This is done by adding the following line to .bashrc:
export SSH_AUTH_SOCK="$(find /tmp/ssh-*/agent.* -uid $(id -u) -type s -print -quit 2>/dev/null)"
Best Answer
gpg does not look for the socket (this is different with the new version 2.1) but for the environment variable GPG_AGENT_INFO. This is not set on log in. That is the problem. Obviously you have the option use-standard-socket in gpg-agent.conf so that the socket name is always the same.
You should set the variable in a login script run a simple script afterwards which checks whether gpg-agent is running:
That is the part for using gpg. For SSH you also need SSH_AUTH_SOCK. The easiest way to get both variables set is to add the line to the config file gpg-agent.conf and to run this script after the above:
This is explained in the gpg-agent man page.
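An added example, not part of the original answer: one way a login script can rebuild GPG_AGENT_INFO from the fixed socket while refusing a stale socket or one owned by another user. It assumes GnuPG 2.0.x with use-standard-socket, the <socket>:<pid>:1 layout of GPG_AGENT_INFO, and that pgrep is installed; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not code from the original post.
# Assumption: GnuPG 2.0.x with use-standard-socket, where GPG_AGENT_INFO
# has the form <socket path>:<agent pid>:1.

# Print a GPG_AGENT_INFO value for socket $1 and agent PID $2, but only if
# the socket is a real socket owned by us and the PID is a live process we
# are allowed to signal. Prints nothing and returns non-zero otherwise.
gpg_agent_info() {
    sock=$1
    pid=$2
    case $pid in
        ''|*[!0-9]*) return 1 ;;             # PID must be purely numeric
    esac
    [ -S "$sock" ] || return 1               # must exist and be a socket
    [ -O "$sock" ] || return 1               # must be owned by the current user
    kill -0 "$pid" 2>/dev/null || return 1   # stale socket: the agent is gone
    printf '%s:%s:1\n' "$sock" "$pid"
}

# Login-time wrapper: find our own running agent and export the variable.
# Leaves the environment untouched and returns non-zero if none is usable.
reuse_gpg_agent() {
    sock="${GNUPGHOME:-$HOME/.gnupg}/S.gpg-agent"
    pid=$(pgrep -u "$(id -u)" -x gpg-agent | head -n 1)
    if info=$(gpg_agent_info "$sock" "$pid"); then
        GPG_AGENT_INFO=$info
        export GPG_AGENT_INFO
    else
        return 1
    fi
}

# In ~/.bashrc, falling back to the command from the question:
#   reuse_gpg_agent || eval "$(gpg-agent --daemon)"
```

The ownership test plays the same role as the -uid $(id -u) filter in the question's SSH_AUTH_SOCK line: the shell never points gpg at a socket created by someone else.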