On 2017/06/21 18:17, Peter Lebbing wrote:
> On 18/06/17 03:48, Christopher Jones wrote:
>> It's a task to setup gpg on new boxes: Import pub key, ultimately trust
>> my key, and muck around with gpg and ssh agents.
>
> Configuring gpg as an SSH agent for Linux in the easiest way is very,
> very distribution dependent. If you're lucky, it's a single switch
> somewhere. systemd, or Xsession, or something similar

For any linux distro that provides a recent gnupg 2.1, the easiest way
(not necessarily the Proper Way) is to put the following in your ~/.profile:

----
# Only on local logins: under ssh, keep the forwarded agent that sshd set up.
if [ -z "$SSH_CLIENT" ]; then
    # Point ssh and gpg clients at gpg-agent's sockets.
    export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"
    export GPG_AGENT_SOCK="$XDG_RUNTIME_DIR/gnupg/S.gpg-agent"
    # Start gpg-agent if it is not already running.
    gpg-connect-agent /bye
fi
----

$XDG_RUNTIME_DIR normally expands to /run/user/<UID>. For v2.0, the
default socket location is under ~/.gnupg, but otherwise the trick is
the same. Note the vital <if> statement that prefers a forwarded
ssh-agent over a local gpg-agent.

This avoids having to mess around with distro/gui-specific session
configurations, and also has the advantage that you can cut and paste it
onto the command line of a logged-in system. There is no need to disable
the vanilla ssh-agent - just override $SSH_AUTH_SOCK and nothing will
talk to it.

A
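
The socket choice described in the message above, written out as an added example that is not part of the original message or of GnuPG. It goes slightly further than the snippet by falling back to the ~/.gnupg location when the $XDG_RUNTIME_DIR socket is absent. The helper name choose_ssh_auth_sock, the SOCK_TEST hook and the socket file name under ~/.gnupg are assumptions.

```sh
# Added example. choose_ssh_auth_sock is a hypothetical helper name; the
# socket file name under ~/.gnupg is assumed to match the 2.1 name.
#
# Args: $1 SSH_CLIENT  $2 current SSH_AUTH_SOCK  $3 XDG_RUNTIME_DIR  $4 HOME
# Prints the path SSH_AUTH_SOCK should be set to.
choose_ssh_auth_sock() {
    ssh_client=$1 current=$2 runtime=$3 home=$4

    # Remote login: keep whatever sshd set up (the forwarded agent, if any).
    if [ -n "$ssh_client" ]; then
        printf '%s\n' "$current"
        return 0
    fi

    # Local login: the first gpg-agent ssh socket that exists wins.
    # 2.1 layout first, then the ~/.gnupg location used by 2.0.
    for cand in "${runtime:+$runtime/gnupg/S.gpg-agent.ssh}" \
                "$home/.gnupg/S.gpg-agent.ssh"; do
        # SOCK_TEST is a test hook; the default -S requires a real socket.
        if [ -n "$cand" ] && [ "${SOCK_TEST:--S}" "$cand" ]; then
            printf '%s\n' "$cand"
            return 0
        fi
    done

    # No gpg-agent socket found: leave the existing agent in place.
    printf '%s\n' "$current"
}

# Intended use in ~/.profile (start the agent first so the socket exists):
#   [ -n "$SSH_CLIENT" ] || gpg-connect-agent /bye >/dev/null 2>&1
#   export SSH_AUTH_SOCK="$(choose_ssh_auth_sock "$SSH_CLIENT" \
#       "$SSH_AUTH_SOCK" "$XDG_RUNTIME_DIR" "$HOME")"
```

Because the function only prints a path, it can be checked on a new box before anything is exported.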