[Assist] {ssh,gpg} agents Was: GnuPG 2.1 and Gnome Keyring

Denis 'GNUtoo' Carikli GNUtoo at no-log.org
Tue Dec 2 05:59:03 GMT 2014

On Tue, 2 Dec 2014 03:26:12 +0000
khoi at member.fsf.org wrote:

> Hi,
> Thanks for your reply. It is not a bug. The new version ignores 
> GPG_AGENT_INFO, so according to the Arch Wiki, Gnome Keyring can no 
> longer be used as a GPG Agent.
> I was just wondering if other people were in a similar situation and 
> whether or not they have found a way to do that differently.
I've similar issues:

I'd like to have single-signon.

I'm looking for something that, as soon as I login locally:
* Unlocks my ssh keys trough keychain
* Unlocks my gpg keys trough keychain
* Permit sudo su for a short moment

It has to handle keychain, other agents weren't good enough:
* They weren't flexible enough(For instance I've more than one key and
  a well crafted ssh_config that has settings for the hosts I need to
  ssh into)
* They were lagging with reguard to key formats, and I do use the last
  ones too.
* GDM and so on didn't work with shell-only.

I guess that all that has to be done with PAM somehow, but many extra
pam modules are lacking.

I've also already sent packages requests for PCR about it trough that
list for some PAM modules, but I got no replies.
example: pam-ssh, and pam_abl. 

However pam-ssh probably isn't as good as keychain.

I currently use keychain for ssh and password-caching for gpg in my
mail client(it didn't pickup keychain's gpg agent somehow).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.parabola.nu/pipermail/assist/attachments/20141202/af58cfdb/attachment.bin>

More information about the Assist mailing list