[arch-general] Help with gnupg saving password for given time
Hello all, I'm running KmyMoney and saving the file with GPG encryption. In order to open this file I need to enter my password in the pin entry window that comes up. This all works fine. The issue that I'm having is that in the past (previous installation of Arch and Aptosid) I was able to close KmyMoney and open it back up within a certain amount of time without having to re-enter the password. After this time expired, I had to re-enter the password. This no longer seems to work for me. I have to enter my password every time I open KmyMoney. According to my notes that I have on this, what I need to do is to create a file in .gnupg called gpg-agent.conf with the following entries: pinentry-program /usr/bin/pinentry no-grab default-cache-ttl 3600 And enter "use-agent" in the file .gnupg/gpg.conf. I'm using Openbox as my windows manager in case it matters. Could someone offer any suggestions on why this no longer works? My guess is that I'm missing something. Thanks, Randy
I have to enter my password every time I open KmyMoney
First check if gpg-agent is running /bin/ps -aux | /usr/bin/grep gpg sighup will make it forget a password which any program may send and how long it remembers is configurable. ________________________________________________________ Why not do something good every day and install BOINC. ________________________________________________________
On 06/22/2012 02:09 PM, Kevin Chadwick wrote:
I have to enter my password every time I open KmyMoney First check if gpg-agent is running
/bin/ps -aux | /usr/bin/grep gpg
sighup will make it forget a password which any program may send and how long it remembers is configurable.
________________________________________________________
Why not do something good every day and install BOINC. ________________________________________________________
It appears to be, I get the following: /usr/bin/gpg-agent --daemon --enable-ssh-support --write-env-file /home/gumper/.gpginfo
On 06/22/2012 02:09 PM, Kevin Chadwick wrote:
I have to enter my password every time I open KmyMoney First check if gpg-agent is running
/bin/ps -aux | /usr/bin/grep gpg
sighup will make it forget a password which any program may send and how long it remembers is configurable.
________________________________________________________
Why not do something good every day and install BOINC. ________________________________________________________
It appears to be, I get the following:
/usr/bin/gpg-agent --daemon --enable-ssh-support --write-env-file /home/gumper/.gpginfo
Do you have gpg in your environment and /tmp. /usr/bin/env | /usr/bin/grep -i gpg ________________________________________________________ Why not do something good every day and install BOINC. ________________________________________________________
On 06/22/2012 02:32 PM, Kevin Chadwick wrote:
On 06/22/2012 02:09 PM, Kevin Chadwick wrote:
I have to enter my password every time I open KmyMoney First check if gpg-agent is running
/bin/ps -aux | /usr/bin/grep gpg
sighup will make it forget a password which any program may send and how long it remembers is configurable.
________________________________________________________
Why not do something good every day and install BOINC. ________________________________________________________
It appears to be, I get the following:
/usr/bin/gpg-agent --daemon --enable-ssh-support --write-env-file /home/gumper/.gpginfo
Do you have gpg in your environment and /tmp.
/usr/bin/env | /usr/bin/grep -i gpg
________________________________________________________
Why not do something good every day and install BOINC. ________________________________________________________
I get nothing with this command.
I get nothing with this command.
Your programs will likely ignore the agent and use gpg directly using the password once without an environment variable. You should have the GPG_AGENT_INFO environment variable already setup as the third box in this link does. You can fix it quite easily but why it's not there already I'm not sure and is the real issue. http://www.gnupg.org/documentation/manuals/gnupg/Invoking-GPG_002dAGENT.html I presume you switched to openbox from something else which set this up automatically. -- ________________________________________________________ Why not do something good every day and install BOINC. ________________________________________________________
On 06/22/2012 04:22 PM, Kevin Chadwick wrote:
I get nothing with this command. Your programs will likely ignore the agent and use gpg directly using the password once without an environment variable.
You should have the GPG_AGENT_INFO environment variable already setup as the third box in this link does. You can fix it quite easily but why it's not there already I'm not sure and is the real issue.
http://www.gnupg.org/documentation/manuals/gnupg/Invoking-GPG_002dAGENT.html
I presume you switched to openbox from something else which set this up automatically.
-- ________________________________________________________
Why not do something good every day and install BOINC. ________________________________________________________
Ok, everything is working as it should now. I originally had the following in my Openbox autostart file: /envfile="${HOME}/.gpginfo" if test -f ${envfile} && kill -0 $(cut -d: -f 2 ${envfile} | head -n 1) 2>/dev/null; then eval $(cat ${envfile}) else eval `/usr/bin/gpg-agent --daemon --enable-ssh-support --write-env-file ${envfile}` fi export GPG_AGENT_INFO export SSH_AUTH_SOCK export SSH_AGENT_PID /Apparently this isn't the correct way to do it? It would create the .gpginfo file ok, but I'm assuming that the export command wasn't working correctly. Any ideas why? I looked at the link that you gave but I wasn't sure where to place the command to start the gpg-agent. I figured if I placed it in my Openbox autostart file, then there was the possibility of starting the agent more than once if logging out and back in. I tried putting it in .xsession but it didn't start from there because I use Slim and I believe that Slim doesn't call xsession. Maybe putting it in .xinitrc would work. What I ended up doing was per the Arch wiki. Creating the file /etc/profile.d/gpg-agent.sh with the following: /#!/bin/sh envfile="${HOME}/.gnupg/gpg-agent.env" if test -f "$envfile" && kill -0 $(grep GPG_AGENT_INFO "$envfile" | cut -d: -f 2) 2>/dev/null; then eval "$(cat "$envfile")" else eval "$(gpg-agent --daemon --write-env-file "$envfile")" fi export GPG_AGENT_INFO # the env file does not contain the export statement/ This did the trick for me. Oh and you are correct, I switched from XFCE to Openbox. Thanks for the help! Randy / /
This did the trick for me.
Oh and you are correct, I switched from XFCE to Openbox.
Thanks for the help!
I recently had trouble modifying the local users environment even though I did it on another system about a week ago and just whacked it in /etc/environment to save time. How you finding Openbox, better than xfce. I haven't really used openbox much, I might have one system and livecds with it but I didn't set that or them up. I used blackbox a lot a long time ago. -- ________________________________________________________ Why not do something good every day and install BOINC. ________________________________________________________
On 06/23/2012 10:42 AM, Kevin Chadwick wrote:
This did the trick for me.
Oh and you are correct, I switched from XFCE to Openbox.
Thanks for the help! I recently had trouble modifying the local users environment even though I did it on another system about a week ago and just whacked it in /etc/environment to save time.
How you finding Openbox, better than xfce. I haven't really used openbox much, I might have one system and livecds with it but I didn't set that or them up. I used blackbox a lot a long time ago.
-- ________________________________________________________
Why not do something good every day and install BOINC. ________________________________________________________
I'm liking Openbox. My system is getting a little dated now and things seem to be a little snappier than with XFCE. The main menu in Openbox comes up instantly when I right click on my desktop. With XFCE, there would be a delay. Sometimes a several seconds delay. When I first started using Openbox, one thing that I liked more with XFCE is that the main menu for XFCE has icons. It looks nicer. I have since added icons to my Openbox menu, so it's like XFCE now.
Excerpt from Randy's message of 2012-06-23T00:02-0400:
What I ended up doing was per the Arch wiki. Creating the file /etc/profile.d/gpg-agent.sh with the following:
/#!/bin/sh
envfile="${HOME}/.gnupg/gpg-agent.env" if test -f "$envfile" && kill -0 $(grep GPG_AGENT_INFO "$envfile" | cut -d: -f 2) 2>/dev/null; then eval "$(cat "$envfile")" else eval "$(gpg-agent --daemon --write-env-file "$envfile")" fi export GPG_AGENT_INFO # the env file does not contain the export statement/
This did the trick for me.
I applied your trick: it also works on Xfce.
On 06/22/2012 02:32 PM, Kevin Chadwick wrote:
On 06/22/2012 02:09 PM, Kevin Chadwick wrote:
I have to enter my password every time I open KmyMoney First check if gpg-agent is running
/bin/ps -aux | /usr/bin/grep gpg
sighup will make it forget a password which any program may send and how long it remembers is configurable.
________________________________________________________
Why not do something good every day and install BOINC. ________________________________________________________
It appears to be, I get the following:
/usr/bin/gpg-agent --daemon --enable-ssh-support --write-env-file /home/gumper/.gpginfo
Do you have gpg in your environment and /tmp.
/usr/bin/env | /usr/bin/grep -i gpg
________________________________________________________
Why not do something good every day and install BOINC. ________________________________________________________
Sorry but I didn't answer your question completely. gpg shows up in /tmp. I have two folders there that start with "gpg".
participants (3)
-
FGr
-
Kevin Chadwick
-
Randy