updatestartuptty and gpg key

Cédric Chépied cedric.chepied at gmail.com
Mon May 5 17:40:50 CEST 2014


Hi,

I'm trying to start gpg-agent with systemd and I'm having some troubles. I don't
know if this is a bug or if I don't know how to use agent.

When I start another service with systemd that uses gpg-agent, I can't enter my
passphrase because gpg-agent don't know "where" it can ask me to enter it.

When I start an X session, I use 'echo UPDATESTARTUPTTY | gpg-connect-agent' and
it's a little better. Services using ssh keys can ask me the passphrase. But
services using gpg key for file decryption can't.

When I start a tty console. I use 'gpg-connect-agent updatestartuptty /bye' (I
can't remember why I'm not using the same command). When I start a service using
ssh key, the "window" asking my passphrase is displayed but it don't get focus,
my tty is not usable and I can't talk to agent anymore. Nothing happens when I
try to decrypt a file in an other service.

How can I tell gpg-agent on which tty/X display it can ask me passphrases?

Here are my two services:

---8<-------------------------------------------------------
[Unit]
Description=Test ssh
After=gpg-agent.service

[Service]
ExecStart=/usr/sbin/scp distant-machine:/tmp/plop /tmp
---8<-------------------------------------------------------

And

---8<-------------------------------------------------------
[Unit]
Description=Test decrypt
After=gpg-agent.service

[Service]
ExecStart=/usr/sbin/gpg -d /home/user/.authinfo.gpg
---8<-------------------------------------------------------


Here is my gpg-agent service:

---8<-------------------------------------------------------
[Unit]
Description=GnuPG private key agent
IgnoreOnIsolate=true

[Service]
Type=forking
Environment=GPG_ENVFILE=%h/.gnupg/gpg-agent.env
ExecStart=/usr/bin/gpg-agent --daemon --enable-ssh-support --use-standard-socket --write-env-file ${GPG_ENVFILE}
ExecStartPost=/bin/sh -c "xargs systemctl --user set-environment < ${GPG_ENVFILE}"
ExecStopPost=/bin/rm ${GPG_ENVFILE}
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-abort

[Install]
WantedBy=mystuff.target
---8<-------------------------------------------------------

Regards,
-- 
Cédric Chépied
<cedric.chepied at gmail.com>



More information about the Gnupg-users mailing list