gpg按需启动gpg-agent?

13

gpg-agent状态手册页:

   The agent is usualy started on demand by gpg,  gpgsm,  gpgconf  or
   gpg-connect-agent.   Thus there is no reason to start it manually.
   In case you want to use the included Secure Shell  Agent  you  may
   start the agent using:

     gpg-connect-agent /bye

   The usual way to run the agent is from the ~/.xsession file:

     eval $(gpg-agent --daemon)

这一方面告诉我“没有理由手动启动它”,另一方面告诉我如何手动启动它。-我在这里误解了吗?

在我的系统上,似乎确实必须手动启动它。否则例如gpg-connect-agent抱怨:can't connect to the agent: IPC connect call failed。-是否需要gpg-connect-agent按照手册页中所述配置任何东西来启动代理?

另外的手册页上gpg-connect-agent说:

   --agent-program file
          Specify the agent program to be started if none is running.

但是gpg-connect-agent --help没有列出该选项,如果我尝试使用该命令,该命令也会抱怨。

好像手册页描述了另一个命令,还是我错过了重要的事情?

我的系统是当前的Arch Linux。(在另一个debian机器上情况相同。)

要求的详细信息:

$ gpg --version
gpg (GnuPG) 2.0.22
libgcrypt 1.5.3
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ?, ?
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
$ gpg-connect-agent --version
gpg-connect-agent (GnuPG) 2.0.22
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
$ man gpg-connect-agent |grep -A1 agent-program
       --agent-program file
              Specify the agent program to be started if none is running.
$ gpg-connect-agent --agent-program foo
gpg-connect-agent: invalid option "--agent-program"
$ gpg-connect-agent /bye
gpg-connect-agent: can't connect to the agent: IPC connect call failed
debian  arch-linux  gpg  gpg-agent 
米恰
source
您使用的是哪个版本的gpg-agent和gpg-connect-agent?
珍妮D
1
另请注意,还有其他gpg keyring守护程序。例如,gnome具有gnome密钥环,该密钥环可处理gpg,ssh和常规密码。使用这些密码通常会更好,因为您可以使用一个密码将其全部解锁,并且在登录时可以自动将其解锁。
Patrick
我在上面添加了具体细节。我知道gnome-keyring-daemon,但是我不在那个盒子上运行gnome。-当前的问题是,gpg是否能够按需启动自己的守护程序。
michas

Answers:

5

手册页中的措辞不好。我猜它的意思是:“您不会被迫手动启动gpg-agent。” 这是有道理的,因为GnuPG 2.x需要,gpg-agent而在1.x中是可选的

因此:“因此没有理由手动启动它”“……以便使工具运行”。

但是:如果要使用缓存功能,则gpg-agent必须作为守护程序运行,因此必须在工具之前启动(即手动启动或从工具启动),~/.xsession因为工具会寻找环境变量GPG_AGENT_INFO以便找到(正确的)运行中gpg-agent。如果工具启动,gpg-agent则在工具gpg-agent退出时退出。

gpg-connect-agent /bye可能是手册页中的真正错误。AFAIK这用于测试是否gpg-agent正在运行,但不用于启动它。由于您必须需要shell(更精确的是:要启动的工具的父进程)进行设置,因此它甚至无法以这种方式工作GPG_AGENT_INFO

Hauke Laging
source
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.