diff options
author | Aaron LI <aly@aaronly.me> | 2017-10-20 08:28:29 +0800 |
---|---|---|
committer | Aaron LI <aly@aaronly.me> | 2017-10-20 08:28:29 +0800 |
commit | 2b381b69a349eb7cf2b39b5e72595dd5e8ffb8c3 (patch) | |
tree | 5c054c35269e04b70e3e763db12f61da53abde1b | |
parent | dfce3c52ba94ef755a19e08982d1d5af54ddf37d (diff) | |
download | dotfiles-2b381b69a349eb7cf2b39b5e72595dd5e8ffb8c3.tar.bz2 |
zsh: add 80-gpg.zsh to setup gpg, also fix TTY problem for ssh-support
-rw-r--r-- | _profile | 10 | ||||
-rw-r--r-- | _zsh/80-gpg.zsh | 37 | ||||
-rw-r--r-- | _zsh/90-exports.zsh | 3 |
3 files changed, 40 insertions, 10 deletions
@@ -88,15 +88,11 @@ export VISUAL="${EDITOR}" export PAGER="less" export LESS="--ignore-case --raw-control-chars" -## Start `gpg-agent` if not running +## Start `gpg-agent' if it is not running if ! _running gpg-agent; then gpgconf --launch gpg-agent fi -## Set SSH to use `gpg-agent` as the SSH agent is enabled -unset SSH_AGENT_PID -if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then - export SSH_AUTH_SOCK="/run/user/${UID}/gnupg/S.gpg-agent.ssh" -fi - PROFILE_SOURCED=yes + +# EOF diff --git a/_zsh/80-gpg.zsh b/_zsh/80-gpg.zsh new file mode 100644 index 0000000..80d1ecc --- /dev/null +++ b/_zsh/80-gpg.zsh @@ -0,0 +1,37 @@ +# +# zsh/gpg.zsh +# + +# NOTE: `gpg-agent' is configured to be launched in `~/.profile'. + +# This `GPG_TTY' variable should be set to the correct TTY where the shell +# is running. See `gpg-agent(1)' for more details. +export GPG_TTY=$(tty) + +# Set SSH to use `gpg-agent' as the SSH agent support is enabled +# See `gpg-agent(1)' for more details. +unset SSH_AGENT_PID +if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then + export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)" +fi + +# Since the 'ssh-agent' protocol does not contain a mechanism for telling +# the agent on which terminal/display it is running, gpg-agent's +# ssh-support can just use the TTY or X display when `gpg-agent' has been +# started, which may be before the X session startup. Therefore, when the +# switched to the X session, or login remotely through SSH, the `pinentry' +# will get popped up on whatever display the `gpg-agent' has been started +# or may just fail. In this case, a manual update is necessary. +# +# This will set startup TTY and X11 DISPLAY variables to the values of +# this session. +# +# Credits: +# * GnuPG: Commonly Seen Problems +# https://www.gnupg.org/documentation/manuals/gnupg/Common-Problems.html +# * `gpg-agent(1)': option `--enable-ssh-support' +# +gpg-connect-agent updatestartuptty /bye >/dev/null + + +# vim: set ts=8 sw=4 tw=0 fenc=utf-8 ft=zsh: # diff --git a/_zsh/90-exports.zsh b/_zsh/90-exports.zsh index 1472a7a..f368161 100644 --- a/_zsh/90-exports.zsh +++ b/_zsh/90-exports.zsh @@ -6,9 +6,6 @@ # Generic environment variables and those needing been set only once # should go to `~/.profile'. -# This `GPG_TTY' variable should be set to the correct TTY where the shell -# is running. See also `gpg-agent(1)' -export GPG_TTY=$(tty) # colors for BSD ls if [[ -n "${IS_BSD}" ]]; then export CLICOLOR=1 |