Using gpg-agent --supervised with systemd

Daniel Kahn Gillmor dkg at
Fri Mar 23 21:46:37 CET 2018

On Wed 2018-03-21 14:48:26 -0700, Evan Klitzke wrote:
> I am using gpg 2.2.5 and stumbled across the --supervised option while 
> reading the man page. I was able to get the ssh-agent functionality 
> working perfectly, but I'm having problems with the gpg-agent 
> functionality.
> I created systemd user units for ssh-agent.socket, gpg-agent.socket, and 
> gpg-agent.service. I was able to get this all set up correctly so the 
> gpg-agent service knows where its sockets are:

it sounds like you might have created the systemd unit files yourself.
If you're running GnuPG from a distribution-supported package, that
package should have shipped them for you already (see for example the
packaging in debian).

even if you're building it yourself, or if your distro doesn't ship
them, i recommend starting from the example unit files in
doc/examples/systemd-user/ in the source tree.  can you compare those
unit files with your own unit files?

> $ sysu status gpg-agent.service

I'm assuming that sysu is some sort of local alias for "systemctl
--user" please let the list know if that's not the case.

> ...
> Mar 21 14:34:12 t460s systemd[1075]: Started GPG agent.
> Mar 21 14:34:12 t460s gpg-agent[2835]: gpg-agent (GnuPG) 2.2.5 starting in supervised mode.
> Mar 21 14:34:12 t460s gpg-agent[2835]: using fd 3 for std socket (/run/user/1000/gpg-agent.sock)
> Mar 21 14:34:12 t460s gpg-agent[2835]: using fd 4 for ssh socket (/run/user/1000/ssh-agent.sock)
> Mar 21 14:34:12 t460s gpg-agent[2835]: listening on: std=3 extra=-1 browser=-1 ssh=4

these are not the standard socket locations, which is probably why gpg
isn't finding them for you.

> What is the trick to making this work correctly?

try using the shipped user service units instead :) If that doesn't work
for you, or if you have any suggestions for improvements, i'm happy to
help review and debug.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list