
pass with gpg-agent?


spectromas

Question

I don't know if I should be using keychain for this (I did try but got completely confused and gave up).

I use app-admin/pass and I would like to not have to enter my password every time I access a password. According to the pass documentation you can set gpg-agent to cache the master password, but I don't seem to have any luck with that; pass is still asking me every time.

In ~/.gnupg/gpg.conf I have:
use-agent

In ~/.gnupg/gpg-agent.conf I have:
default-cache-ttl 10000

In ~/.xinitrc I have:
eval "$(gpg-agent --daemon)"

if [ -f "${HOME}/.gpg-agent-info" ]; then
  . "${HOME}/.gpg-agent-info"
  export GPG_AGENT_INFO
  export SSH_AUTH_SOCK
fi

In ~/.zshrc I have:
GPG_TTY=$(tty)
export GPG_TTY

I don't really know what I'm doing here though and something obviously isn't working because pass is asking every time for the password.


4 answers to this question


  • 0

Hi spectromas, did you figure out how to do it?

Yeah I did in the end. Not sure exactly what made it work but this is what I currently have:

 

In my ~/.zprofile:

envfile="$HOME/.gnupg/gpg-agent.env"
if [[ -e "$envfile" ]] && kill -0 $(grep GPG_AGENT_INFO "$envfile" | cut -d: -f 2) 2>/dev/null; then
    eval "$(cat "$envfile")"
else
    eval "$(gpg-agent --daemon --enable-ssh-support --write-env-file "$envfile")"
fi
export GPG_AGENT_INFO  # the env file does not contain the export statement
export SSH_AUTH_SOCK   # enable gpg-agent for ssh

GPG_TTY=$(tty)
export GPG_TTY

In ~/.gnupg/gpg.conf I have:

use-agent

And eselect pinentry set to

pinentry-qt

I'm using this with the PassFF addon for Firefox, so it fills login forms when I want it to and doesn't ask me for the master password every time, for a set amount of time.


  • 0

I'm using bash (and pinentry-gtk) so I can't test your zprofile, but I start gpg-agent like this in my .xinitrc file:

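# start the agent in the background
gpg-agent --daemon &
# if GPG_AGENT_INFO (socket:pid:protocol) is set, kill the agent PID it names
if [ -n "${GPG_AGENT_INFO}" ]; then
  kill $(echo "${GPG_AGENT_INFO}" | cut -d':' -f 2) >/dev/null 2>&1
fi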

It has to be something else because I made a mistake in ~/.gnupg/gpg-agent.conf and it stopped working, so the system can read the config.

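An added example, not part of the thread and not code from pass or GnuPG: two shell checks for the caching setup discussed above. The first computes the cache lifetime a gpg-agent.conf such as the one in the question yields (its `default-cache-ttl 10000` is bounded by `max-cache-ttl`, which defaults to 7200 seconds); the second reads the output of `gpg-connect-agent 'keyinfo --list' /bye` and lists the keys whose passphrase is currently cached. The function names, sample config and keygrips are constructed for illustration.

```sh
#!/bin/sh
# Added example: offline checks for a gpg-agent that keeps asking.
# Assumed defaults (GnuPG manual): default-cache-ttl 600, max-cache-ttl 7200.

# Print "default=<s> max=<s> effective=<s>" for a gpg-agent.conf.
# An entry expires default-cache-ttl seconds after its last use and never
# outlives max-cache-ttl, so the smaller of the two bounds its lifetime.
effective_cache_ttl() {
    [ -r "$1" ] || set -- /dev/null          # no file: built-in defaults
    awk '
        BEGIN { d = 600; m = 7200 }
        /^[ \t]*#/ { next }                  # comment line
        $1 == "default-cache-ttl" && $2 ~ /^[0-9]+$/ { d = $2 + 0 }
        $1 == "max-cache-ttl"     && $2 ~ /^[0-9]+$/ { m = $2 + 0 }
        END { e = (d < m) ? d : m
              printf "default=%d max=%d effective=%d\n", d, m, e }
    ' "$1"
}

# Read the output of: gpg-connect-agent 'keyinfo --list' /bye
# and print the keygrip of each key whose CACHED field (7th) is "1".
cached_keygrips() {
    awk '$1 == "S" && $2 == "KEYINFO" && $7 == "1" { print $3 }'
}

# Constructed sample input (keygrips are made up).
sample_conf='default-cache-ttl 10000'
sample_keyinfo='S KEYINFO 1111111111111111111111111111111111111111 D - - 1 P - - -
S KEYINFO 2222222222222222222222222222222222222222 D - - - P - - -
OK'

tmp=$(mktemp)
printf '%s\n' "$sample_conf" > "$tmp"
effective_cache_ttl "$tmp"    # default=10000 max=7200 effective=7200
printf '%s\n' "$sample_keyinfo" | cached_keygrips    # prints the first keygrip only
rm -f "$tmp"
```

On a live system, run `gpg-connect-agent 'keyinfo --list' /bye | cached_keygrips` right after a successful `pass` lookup: an empty result means the agent that served the request did not cache the passphrase.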
