Using gpg-agent for git credentials?
e.stanley at iragan.com
Sat Feb 20 09:47:19 CET 2016
On 20/02/16 07:15, taltman wrote:
> Hello GPG experts,
> I just recently ran into a git-based service that required password
> authentication, and didn't support public-key authentication.
> They suggested that I could use git credentials for accessing the
> service, and for providing options for storing or caching the password:
> Something about git acting as a password cache didn't sit right with me.
> Seems like credential management would be better done using gpg-agent.
> There are ways to use external credential management programs with git,
> like Gnome Keyring:
> So it seems like it should be possible to connect git with gpg-agent.
Gnome-keyring and gpg-agent don't play well together in my experience,
as the former tries to implement partially some features of gpg-agent.
I regularly use gpg-agent as my SSH agent, which in turns allows me to
use git over SSH for the integration you described.
> One work-around presented here is to use gpg to encrypt a .netrc file
> with your private key, and then use gpg-agent to cache the password:
> But it seems like the above approach leaves the .netrc unencrypted on
> disk at least temporarily, and it isn't as "seamless" as using Gnome
> In the Git documentation above, there is a mechanism to specify a
> program to invoke to fetch credentials, using the GIT_ASKPASS or
> SSH_ASKPASS environmental variables. It seems like this might present a
> way to invoke gpg-agent, but I'm not sure how. Based on documentation it
> seems that these environment variables are usually used to invoke
> pinentry programs.
> If any one has experience with this, or advice on how to achieve this
> integration, I would be greatly appreciative of your help.
> Thank you,
> > _______________________________________________ > Gnupg-users mailing
list > Gnupg-users at gnupg.org >
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users