On 2017/06/21 18:17, Peter Lebbing wrote: > On 18/06/17 03:48, Christopher Jones wrote: >> It's a task to setup gpg on new boxes: Import pub key, ultimately trust >> my key, and muck around with gpg and ssh agents. > > Configuring gpg as an SSH agent for Linux in the easiest way is very, > very distribution dependent. If you're lucky, it's a single switch > somewhere. systemd, or Xsession, or something similar For any linux distro that provides a recent gnupg 2.1, the easiest way (not necessarily the Proper Way) is to put the following in your ~/.profile:
----
if [ -z "$SSH_CLIENT" ]; then
export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh
export GPG_AGENT_SOCK=$XDG_RUNTIME_DIR/gnupg/S.gpg-agent
gpg-connect-agent /bye
fi
----
$XDG_RUNTIME_DIR normally expands to /run/user/<UID>. For v2.0, the
default socket location is under ~/.gnupg, but otherwise the trick is
the same. Note the vital <if> statement that prefers a forwarded
ssh-agent over a local gpg-agent.
This avoids having to mess around with distro/gui-specific session
configurations, and also has the advantage that you can cut and paste it
onto the command line of a logged-in system. There is no need to disable
the vanilla ssh-agent - just override $SSH_AUTH_SOCK and nothing will
talk to it.
A
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
