[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Guix Home: SSH won't ask for GPG password
From: |
Maxim Cournoyer |
Subject: |
Re: Guix Home: SSH won't ask for GPG password |
Date: |
Thu, 05 Oct 2023 16:26:55 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) |
Hi,
Caleb Herbert <csh@bluehome.net> writes:
> Guix System.
>
> In home-configuration.scm:
> (service home-gpg-agent-service-type
> (home-gpg-agent-configuration
> (pinentry-program
> (file-append pinentry-gnome3 "/bin/pinentry"))
> (ssh-support? #t)))
>
> caleb@bender ~$ ssh csh@tty.sdf.org
> csh@tty.sdf.org's password:
>
> This shouldn't happen. Pinentry should come up and ask me for my GPG password.
>
> gpg-agent.conf looks normal.
>
> caleb@bender ~$ cat /home/caleb/.gnupg/gpg-agent.conf
> pinentry-program
> /gnu/store/6rlqjdc9ginn4gnkwg8mhqwm015phhrm-pinentry-gnome3-1.2.1/bin/pinentry
> default-cache-ttl 600
> max-cache-ttl 7200
> default-cache-ttl-ssh 1800
> max-cache-ttl-ssh 7200
I don't use guix home, but my hand-crafted gpg-agent.conf reads like:
--8<---------------cut here---------------start------------->8---
# PIN entry program
enable-ssh-support
allow-emacs-pinentry
# Remember GPG/SSH passwords for longer.
default-cache-ttl 28800 # cache GPG on access for 8 hours
max-cache-ttl 57600 # keep GPG on cache for a maximum of 16 hours
default-cache-ttl-ssh 28800 # cache SSH on access for 8 hours
max-cache-ttl-ssh 57600 # keep SSH on cache for a maximum of 16 hours
--8<---------------cut here---------------end--------------->8---
Also, it could be caused by the pinentry-gnome3 variant. I remember
wrestling with a similar problem in the past, only to find out that it
was limited.
I now use the canonical 'pinentry' package, which seems most featureful.
HTH,
--
Maxim