Sun 30 April 2017 Nils Amiet

linux gpg

On Arch gpg-agent comes with the gnupg package so no other package is needed if gpg is already installed.

I use gpg-agent for temporarily caching the PIN for my Yubikey so that I don't have to type it everytime as well as for ssh-agent emulation.

Setup

Add the following lines to your ~/.bashrc:

# Set GPG TTY
export GPG_TTY=$(tty)

# Refresh gpg-agent tty in case user switches into an X session
gpg-connect-agent updatestartuptty /bye >/dev/null

# Set SSH to use gpg-agent
unset SSH_AGENT_PID
if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then
  export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
fi

# Start the gpg-agent if not already running
if ! pgrep -x -u "${USER}" gpg-agent >/dev/null 2>&1; then
  gpg-connect-agent /bye >/dev/null 2>&1
fi

Add these lines to ~/.gnupg/gpg-agent.conf:

enable-ssh-support
default-cache-ttl 10800