
pass with gpg-agent?


spectromas

Question

I don't know if I should be using keychain for this (I did try but got completely confused and gave up).

I use app-admin/pass and I would like to not have to enter my password every time I access a password. According to the pass documentation, you can set gpg-agent to cache the master password, but I don't seem to have any luck with that; pass is still asking me every time.

In ~/.gnupg/gpg.conf I have:
use-agent

In ~/.gnupg/gpg-agent.conf I have:
default-cache-ttl 10000

In ~/.xinitrc I have:
eval "$(gpg-agent --daemon)"

if [ -f "${HOME}/.gpg-agent-info" ]; then
  . "${HOME}/.gpg-agent-info"
  export GPG_AGENT_INFO
  export SSH_AUTH_SOCK
fi

In ~/.zshrc I have:
GPG_TTY=$(tty)
export GPG_TTY

I don't really know what I'm doing here though and something obviously isn't working because pass is asking every time for the password.


4 answers to this question


Hi spectromas, did you figure out how to do it?

Yeah I did in the end. Not sure exactly what made it work but this is what I currently have:

In my ~/.zprofile:

envfile="$HOME/.gnupg/gpg-agent.env"
if [[ -e "$envfile" ]] && kill -0 $(grep GPG_AGENT_INFO "$envfile" | cut -d: -f 2) 2>/dev/null; then
    eval "$(cat "$envfile")"
else
    eval "$(gpg-agent --daemon --enable-ssh-support --write-env-file "$envfile")"
fi
export GPG_AGENT_INFO  # the env file does not contain the export statement
export SSH_AUTH_SOCK   # enable gpg-agent for ssh

GPG_TTY=$(tty)
export GPG_TTY

In ~/.gnupg/gpg.conf I have:

use-agent

And eselect pinentry set to

pinentry-qt

I'm using this with the PassFF add-on for Firefox, so it fills login forms whenever I want it to and doesn't ask me for the master password every time, for a set amount of time.


I'm using bash (and pinentry-gtk) so I can't test your zprofile, but I start gpg-agent like this in my .xinitrc file:

gpg-agent --daemon &
if [ -n "${GPG_AGENT_INFO}" ]; then
  kill $(echo ${GPG_AGENT_INFO} | cut -d':' -f 2) >/dev/null 2>&1
fi

It has to be something else, because I made a mistake in ~/.gnupg/gpg-agent.conf and it stopped working, so the system can read the config.

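An added example, not code from any poster in this thread: a small shell check that reads a gpg-agent.conf and reports how long gpg-agent will keep a passphrase cached, which is worth knowing before raising the timeout. It assumes gpg-agent's documented defaults (default-cache-ttl 600, max-cache-ttl 7200); the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumed defaults are gpg-agent's documented ones:
# default-cache-ttl 600 s (idle timeout), max-cache-ttl 7200 s (hard limit).

# agent_opt OPTION FILE DEFAULT
# Print the last numeric value set for OPTION in FILE, or DEFAULT if unset.
agent_opt() {
    [ -r "$2" ] || { echo "$3"; return 0; }
    awk -v opt="$1" -v def="$3" '
        { sub(/#.*/, "") }                                   # ignore comments
        $1 == opt && $2 ~ /^[0-9]+$/ { val = $2; found = 1 } # last one wins
        END { print (found ? val : def) }
    ' "$2"
}

# cache_lifetimes FILE
# Print "idle=<seconds> max=<seconds>". idle is how long an unused entry is
# kept; max is when the passphrase is requested again even if it was used
# recently. No entry outlives max, so a larger idle value is clamped to it.
cache_lifetimes() {
    idle=$(agent_opt default-cache-ttl "$1" 600)
    max=$(agent_opt max-cache-ttl "$1" 7200)
    if [ "$idle" -gt "$max" ]; then idle=$max; fi
    echo "idle=$idle max=$max"
}

# Constructed sample: the single line from the question's gpg-agent.conf.
sample=$(mktemp)
printf 'default-cache-ttl 10000\n' > "$sample"
cache_lifetimes "$sample"

# Same file with the hard limit raised to match.
printf 'max-cache-ttl 10000\n' >> "$sample"
cache_lifetimes "$sample"
rm -f "$sample"
```

To check a real setup, call `cache_lifetimes "$HOME/.gnupg/gpg-agent.conf"`; the agent only picks up edits to that file after it is reloaded or restarted.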
