Open sowbug opened 6 years ago
I had a problem with the .bashrc snippet above. $HOSTNAME is empty for me, so I subbed in $(hostname) instead. Below is what I ended up with (for easy copy-paste for future googlers). I have also placed this in my .profile rather than .{bash,zsh}rc, but that might not work for everyone (dependent on how you log into your machine):
# this file won't exist if keychain isn't running
# ($HOME is used because ~ is not expanded inside double quotes)
keychain_path="$HOME/.keychain/$(hostname)-sh-gpg"
if [ -f "$keychain_path" ]; then
    . "$keychain_path"
else
    eval "$(keychain --agents gpg --eval)"
fi
Including this in the keychain --agents gpg --eval output would be good too.
GPG_TTY=$(tty); export GPG_TTY
As per the gpg-agent man page.
hello @sowbug - if you'd like to report a bug kindly use https://bugs.funtoo.org/
you can also reach us on Discord - for more info check https://www.funtoo.org/Welcome
When used with ssh-agent, the --eval option always outputs information suitable for the shell to evaluate, but when used with gpg-agent, it does not.
SSH Version
GPG Version
The second invocation of keychain --agents gpg --eval also overwrites the .keychain/ files with a one-byte (empty) file so that subsequent shells can't eval them anymore.
This is inconvenient because the ssh-agent usage can be simple and idempotent:
my .bashrc for ssh-agent
but if I want to use gpg-agent instead, it is cumbersome:
my .bashrc for gpg-agent
(and I'm not even sure that's the right solution.)
Would it be possible to make --agents gpg --eval as idempotent as the ssh version (specifically, making it always honor the --eval option even if it's just repeating what's in the .keychain/ shell files)? This little bit of smarts in the keychain utility will allow the shell rc/profile files to be nice and dumb.
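A defensive take on the startup logic discussed in this thread, added here as an example and not code from any participant or from the keychain project. It covers the one-byte file case and checks the file before sourcing it. `load_gpg_agent_env` and `KEYCHAIN_ENV_SOURCE` are hypothetical names, and the check that a usable file contains at least one `NAME=value` assignment is an assumption about its contents.

```shell
# Added example: hypothetical helper for ~/.profile or ~/.bashrc.
# The path layout and the keychain flags are the ones quoted in the thread.
load_gpg_agent_env() {
    # $HOSTNAME can be empty (as reported above), so fall back to hostname(1).
    _host=${HOSTNAME:-$(hostname)}
    _env_file="$HOME/.keychain/${_host}-sh-gpg"
    KEYCHAIN_ENV_SOURCE=

    # Sourcing a file executes it, so only do that when the file:
    #   - is owned by the current user (-O),
    #   - is not writable by group or others (find prints nothing),
    #   - holds at least one NAME=value assignment (assumption), which
    #     rejects the one-byte file a repeat invocation is reported to leave.
    if [ -O "$_env_file" ] &&
       [ -z "$(find "$_env_file" \( -perm -020 -o -perm -002 \))" ] &&
       grep -Eq '^[[:space:]]*[A-Za-z_][A-Za-z0-9_]*=' "$_env_file"; then
        . "$_env_file"
        KEYCHAIN_ENV_SOURCE=file
    else
        # Quoted so the output is evaluated as one string, not word-split.
        eval "$(keychain --agents gpg --eval)"
        KEYCHAIN_ENV_SOURCE=keychain
    fi

    # The gpg-agent man page asks for GPG_TTY; set it only on a terminal.
    if [ -t 0 ]; then
        GPG_TTY=$(tty)
        export GPG_TTY
    fi
}
```

Call `load_gpg_agent_env` once from the startup file; `KEYCHAIN_ENV_SOURCE` then records whether the cached file or a fresh keychain invocation supplied the environment.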