Problems with gnome-keyring et al. (was: Card only available to root user)

Werner Koch wk at
Tue Aug 9 11:15:13 CEST 2011

On Tue,  9 Aug 2011 02:44, luis at said:

> So it looks like GNOME's ssh-agent is interfering. How can I avoid this?

Tell them that they should not interfere with GnuPG.  

If you put a line 


into ~/.gnupg/gpg-agent.conf and stop starting gpg-agent in the xsession
etc., all tools requiring gpg-agent will start gpg-agent on the fly.
There is even no more need for the GPG_AGENT_INFO envvar; I even
explicitly unset this variable in my profile.  Thus the only envvar you
need is GPG_TTY.

If you want to use gpg-agent as ssh-agent you should also put a line


into ~/.gnupg/gpg-agent.conf and put into your profile 

  export SSH_AUTH_SOCK

Now you only need to make sure that gpg-agent is started before you use
ssh.  This is because ssh has no way to start gpg-agent on the fly; I do
this with a simple

  gpg-connect-agent /bye

If you want to check whether gpg-agent is _configured_ to use the
standard socket, you may call

 gpg-agent --use-standard-socket-p

This is actually what all GnuPG tools do to see whether they may start
gpg-agent on the fly.

The standard socket makes things easier and hopefully harder for
gnome-keyring to interfere with it.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list