Questions tagged [gpg-agent]
121 questions
57 votes, 7 answers
How can I find out what keys gpg-agent has cached? (like how ssh-add -l shows you cached ssh keys)
ssh-add -l shows you all ssh-keys that have been added with ssh-add ~/.ssh/id_yourkey. How do I do the analogous thing with gpg and gpg-agent, in other words, ask it to show a list of cached keys?
user3243135
46 votes, 1 answer
How does GPG agent work?
I have a line in my gpg.conf file which says use-agent.
I understand this refers to gpg-agent which is a daemon.
The man page states "gpg-agent is a daemon to manage secret (private) keys independently from any protocol. It is used as a backend for…
SauceCode
32 votes, 1 answer
Gentoo Linux GPG encrypts properly a file passed through parameter but throws "Inappropriate ioctl for device" when reading from standard input
I am running Gentoo Hardened with kernel 4.1.7-hardened-r1 and I am trying to encrypt a file using GPG from a shell session opened from SSH and with the DISPLAY variable disabled in order to use pinentry-curses for password prompt. Using gpg -o…
RAKK
26 votes, 3 answers
GPG agent doesn't remove my SSH key from the keyring
I have a really troubling problem. I can't get gpg-agent to remove my SSH key from its keyring and it even persists there after many reboots.
$ ssh-add -D
SSH_AGENT_FAILURE
Failed to remove all identities.
Even when I tell it to remove the…
Naftuli Kay
23 votes, 2 answers
How to make gpg find gpg-agent
On Fedora 22, gpg doesn't find gpg-agent:
% gpg-agent --daemon
% gpg -vvv --use-agent --no-tty --decrypt file.gpg
gpg: using character set `utf-8'
:pubkey enc packet: version 3, algo 1, keyid…
Roman Cheplyaka
20 votes, 2 answers
gpg-agent refuses SSH keys with ssh-add reporting "agent refused operation"
I'm using openssh7.5p1 and gnupg 2.1.21 on arch linux (these are the default versions that come with arch). I would like to use gpg-agent as an ssh agent. I put the following in my ~/.gnupg/gpg-agent.conf:
pinentry-program…
user3188445
13 votes, 2 answers
What are the steps needed to cache passphrases entered via pinentry using gpg-preset-passphrase in 2.1.15?
I'm seeking to cache passphrases for use on an unattended machine. As doing this poses some risk, I'd prefer choosing which passphrases get cached and avoid setting both default-cache-ttl and max-cache-ttl to obnoxiously high values as well as avoid…
user5255922
13 votes, 1 answer
gpg starting gpg-agent on demand?
The man page of gpg-agent states:
The agent is usually started on demand by gpg, gpgsm, gpgconf or
gpg-connect-agent. Thus there is no reason to start it manually.
In case you want to use the included Secure Shell Agent you may
…
michas
12 votes, 2 answers
Change pinentry program temporarily with gpg-agent
I use gpg-agent sometimes with no X display or over ssh, so my config file contains:
pinentry-program /usr/bin/pinentry-curses
This way, the gpg passphrase is requested in curses.
That said, in some graphical scripts, I wish to use the GTK pinentry…
a3nm
12 votes, 2 answers
Pinentry fails with gpg-agent and SSH
I'm running Fedora 22. I'm trying to set up GnuPG to have my SSH connections authenticated using my PGP authentication subkey that is located on my Yubikey Neo.
I have a systemd unit starting the gpg-agent as follows:
/usr/bin/gpg-agent…
Spack
11 votes, 1 answer
"gpg-agent is older than us" warning message even after running gpgconf --kill all
I have installed gpg version 2.2.17 from source.
When I run gpg --card-status gpg reports:
gpg: WARNING: server 'gpg-agent' is older than us (2.2.4 < 2.2.17).
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command…
DragonTamer
11 votes, 2 answers
Cache all gpg subkey passwords at once? Prevent need for multiple gpg password entry?
Can I enter my gpg password just once and unlock all my sub keys (signing, decryption, authentication)?
At the moment, I need to enter my gpg password three times (for signing, for decryption, for authentication). This is inconvenient.
I tried to…
adrelanos
8 votes, 2 answers
How do I get git to use the cli rather than some GUI application when asking for GPG password?
Whenever I try to create a signed git commit, I need to enter my GPG key. It spawns some GUI application to receive the password. It looked like the application was seahorse, so I uninstalled it, but git still uses some GUI app. Polybar doesn't…
karizma
8 votes, 1 answer
Using gpg-agent-connect tool reconstruct the ssh private key file
I have lost access to my ~/.ssh/id_dsa file (OpenSSH private key file in DSA algorithm), due to forgetting the passphrase.
But, originally, I have had it imported into gpg-agent and protected it with a gpg-agent passphrase, which I do know. And the…
Hari
7 votes, 2 answers
How can I use GPG agent forwarding over ssh when systemd owns the remote sockets?
I'm trying to follow these guides and answers
https://wiki.gnupg.org/AgentForwarding
https://superuser.com/questions/161973/how-can-i-forward-a-gpg-key-via-ssh-agent
https://gist.github.com/TimJDFletcher/85fafd023c81aabfad57454111c1564d
and…
oarfish