Mac OS X - Installing and configuring 'gpg-agent'

Werner Koch wk at
Tue Apr 25 14:30:56 CEST 2006

On Tue, 25 Apr 2006 07:06:02 -0400, Charly Avital said:

> New to this list. Running Mac OSX 10.4.6 (Darwin 8.6.0), gpg 1.4.3.
> Installed gpg-agent 1.9.10 using darwin.ports following the instructions

That is a pretty old version.

> - man gpg-agent outputs 'No manual entry for gpg-agent'

There is no man page.  Use "info gnupg".

> When I type gpg-agent in Terminal, I get:
> gpg-agent: can't connect to `/Users/shavital/.gnupg/S.gpg-agent': No
> such file or directory
> gpg-agent: no gpg-agent running in this session

Please read the manual.  Basically you need to pass the option
"--daemon" to startup gpg-agent.  Without it, gpg-agent merely checks
whether an instance is already running.



Here is a short excerpt from the manual (current version, though):

@command{gpg-agent} is a daemon to manage secret (private) keys
independently from any protocol.  It is used as a backend for
@command{gpg} and @command{gpgsm} as well as for a couple of other

The usual way to run the agent is from the @code{~/.xsession} file:

@example
eval `gpg-agent --daemon`
@end example

If you don't use an X server, you can also put this into your regular
startup file @code{~/.profile} or @code{.bash_profile}.  It is best not
to run multiple instances of the @command{gpg-agent}, so you should make
sure that only one is running: @command{gpg-agent} uses an environment
variable to inform clients about the communication parameters. You can
write the content of this environment variable to a file so that you can
test for a running agent.  This short script may do the job:

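@smallexample
# Reuse the recorded agent if its process is still alive.
if test -f $HOME/.gpg-agent-info && \
   kill -0 `cut -d: -f 2 $HOME/.gpg-agent-info` 2>/dev/null; then
     GPG_AGENT_INFO=`cat $HOME/.gpg-agent-info`
     export GPG_AGENT_INFO
else
     # Otherwise start a new agent and record its parameters.
     eval `gpg-agent --daemon`
     echo $GPG_AGENT_INFO >$HOME/.gpg-agent-info
fi
@end smallexample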

Note that the new option @option{--write-env-file} may be used instead.

You should always add the following lines to your @code{.bashrc} or
whatever initialization file is used for all shell invocations:

@smallexample
GPG_TTY=`tty`
export GPG_TTY
@end smallexample

It is important that this environment variable always reflects the
output of the @code{tty} command.  For W32 systems this option is not

Please make sure that a proper pinentry program has been installed
under the default filename (which is system dependent) or use the
option @code{pinentry-pgm} to specify the full name of that program.
It is often useful to install a symbolic link from the actually used
pinentry (e.g. @file{/usr/bin/pinentry-gtk}) to the expected
one (e.g. @file{/usr/bin/pinentry}).
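
Added example, not part of the original post or the GnuPG manual: the quoted script trusts ~/.gpg-agent-info as soon as the recorded pid answers kill -0, so a stale file whose pid has been reused by another process passes. The version below also checks the file's ownership, the value's format and the socket itself; the function names are hypothetical and the file is assumed to hold the bare "socket:pid:protocol" value that the quoted script writes.

```shell
# parse_agent_info VALUE: set AI_SOCK and AI_PID; fail on a malformed value.
parse_agent_info() {
    AI_SOCK=${1%%:*}
    rest=${1#*:}
    AI_PID=${rest%%:*}
    case $1 in *:*:*) ;; *) return 1 ;; esac          # need three fields
    case $AI_SOCK in /*) ;; *) return 1 ;; esac        # absolute socket path
    case $AI_PID in ''|0|*[!0-9]*) return 1 ;; esac    # numeric, non-zero pid
    return 0
}

# agent_info_usable FILE: succeed only if FILE describes a live agent of ours.
agent_info_usable() {
    # The info file must be our own regular file, not a symlink.
    [ -f "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || return 1
    IFS= read -r value < "$1" || [ -n "$value" ] || return 1
    parse_agent_info "$value" || return 1
    kill -0 "$AI_PID" 2>/dev/null || return 1   # process gone: stale file
    # A live pid may be a reused one, so the socket must exist and be ours.
    [ -S "$AI_SOCK" ] && [ -O "$AI_SOCK" ]
}

# ensure_agent [FILE]: reuse a validated agent, else start one and record it.
ensure_agent() {
    info=${1:-$HOME/.gpg-agent-info}
    if agent_info_usable "$info"; then
        GPG_AGENT_INFO=$value
    else
        eval "$(gpg-agent --daemon)" || return 1
        # Replace the file instead of writing through whatever is there.
        ( umask 077; rm -f "$info"; echo "$GPG_AGENT_INFO" > "$info" )
    fi
    export GPG_AGENT_INFO
}
```

Calling ensure_agent from ~/.profile takes the place of the if/else block quoted from the manual.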
