search

ACCESS-NRI / accessdev-Trac-archive

Archive accessdev Trac contents as issues
Apache License 2.0
0 stars 0 forks source link

Setup gpg-agent #155

Open penguian opened 10 years ago

penguian commented 10 years ago

| by saw562@nci.org.au

GPG-agent can save encrypted passwords for subversion, rather than saving them as plaintext. Devise a way to automatically set up the agent for users, e.g. as a file in /etc/profile.d.

I'm currently using the following in my ~/.bash_profile:

export GPG_TTY=$(tty)
GPG_STATE_FILE=~/.gnupg/agent-state
mkdir -p $(dirname $GPG_STATE_FILE)

# Get the saved GPG-Agent PID from last session 
if [ -z "$GPG_AGENT_INFO" ]; then
    [ -f "$GPG_STATE_FILE" ] && source $GPG_STATE_FILE
fi
GPG_PID=$(echo "$GPG_AGENT_INFO" | sed 's/.*:\([0-9]*\):.*/\1/')

# Start GPG-Agent again if it's not still running
# By default passwords timeout after 2 hours so will need to be re-entered 
if ! pgrep -u "$USER" -s "${GPG_PID:-0}" gpg-agent > /dev/null; then
    gpg-agent --daemon --pinentry-program /usr/bin/pinentry-curses > $GPG_STATE_FILE
    source $GPG_STATE_FILE
fi

Needs to support csh as well

Issue migrated from trac:155 at 2024-01-31 18:09:12 +1100

penguian commented 10 years ago

@scott.wales@bom.gov.au changed status from new to accepted

penguian commented 10 years ago

@scott.wales@bom.gov.au changed owner from ` tosaw562`