gpg-agent is a daemon to manage secret (private) keys independently from any protocol. It is used as a backend for gpg and gpgsm as well as for a couple of other utilities.
The usual way to run the agent is from the ~/.xsession file:
    eval $(gpg-agent --daemon)
If you don’t use an X server, you can also put this into your regular startup file ~/.profile or .bash_profile. It is best not to run multiple instances of the gpg-agent, so you should make sure that only one is running: gpg-agent uses an environment variable to inform clients about the communication parameters. You can write the content of this environment variable to a file so that you can test for a running agent. Here is an example using Bourne shell syntax:
    gpg-agent --daemon --enable-ssh-support \
      --write-env-file "${HOME}/.gpg-agent-info"
This code should only be run once per user session to initially fire up the agent. In the example the optional support for the included Secure Shell agent is enabled and the information about the agent is written to a file in the HOME directory. Note that by running gpg-agent without arguments you may test whether an agent is already running; however such a test may lead to a race condition, thus it is not suggested.
The second script needs to be run for each interactive session:
    if [ -f "${HOME}/.gpg-agent-info" ]; then
      . "${HOME}/.gpg-agent-info"
      export GPG_AGENT_INFO
      export SSH_AUTH_SOCK
    fi
It reads the data out of the file and exports the variables. If you don’t use Secure Shell, you don’t need the last two export statements.
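The per-session script above sources the info file with ".", which runs whatever the file contains as shell code. The following added example (not part of the GnuPG manual) reads the file as data instead. It assumes the file holds plain NAME=value lines and that GPG_AGENT_INFO has the form path:pid:version; the function names load_agent_info and agent_socket_present are hypothetical.

```shell
# Added example, not from the GnuPG manual.
# Assumption: the info file holds plain NAME=value lines.
load_agent_info() {
  info_file=${1:-"${HOME}/.gpg-agent-info"}
  loaded=1
  # Accept only a regular file (no symlink) that we own and that is not
  # writable by group or others; anything else may have been altered.
  safe=$(find "$info_file" -prune -type f -user "$(id -u)" \
           ! -perm -020 ! -perm -002 2>/dev/null)
  [ -n "$safe" ] || return 1
  # Parse instead of sourcing, so file content is never run as shell code.
  while IFS='=' read -r name value || [ -n "$name" ]; do
    case $name in
      GPG_AGENT_INFO|SSH_AUTH_SOCK) ;;   # the two variables the page exports
      *) continue ;;
    esac
    case $value in
      /*) ;;                             # must start with an absolute path
      *) continue ;;
    esac
    case $value in
      *[!A-Za-z0-9_./:-]*) continue ;;   # no quotes, spaces, $, ; or backticks
    esac
    export "$name=$value"
    [ "$name" = GPG_AGENT_INFO ] && loaded=0
  done < "$info_file"
  return "$loaded"
}

# True when the socket named in GPG_AGENT_INFO still exists; an info file
# left over from an earlier session fails this check.
agent_socket_present() {
  [ -S "${GPG_AGENT_INFO%%:*}" ]
}

load_agent_info && agent_socket_present ||
  echo "gpg-agent info file missing, unsafe or stale" >&2
```

Checking for the socket shows only that the file is not stale; it does not replace the advice above to start the agent once per user session.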
You should always add the following lines to your .bashrc or whatever initialization file is used for all shell invocations:
    GPG_TTY=$(tty)
    export GPG_TTY
It is important that this environment variable always reflects the output of the tty command. For W32 systems this option is not required.
Please make sure that a proper pinentry program has been installed under the default filename (which is system dependent) or use the option pinentry-program to specify the full name of that program. It is often useful to install a symbolic link from the pinentry actually used (e.g. /usr/bin/pinentry-gtk) to the expected one (e.g. /usr/bin/pinentry).
See Option Index, for an index to GPG-AGENT’s commands and options.
• Agent Commands: List of all commands.
• Agent Options: List of all options.
• Agent Configuration: Configuration files.
• Agent Signals: Use of some signals.
• Agent Examples: Some usage examples.
• Agent Protocol: The protocol the agent uses.