Commit graph

20 commits

Author SHA1 Message Date
John Ericson 4367119ca3
local gpg-agent acting as ssh-agent should yield (#667) (#2253)
* gpg-agent: local agent acting as ssh-agent should yield

This happens commonly if someone using home manager with gpg-agent
acting as ssh-agent on both machines.

@rycee brought up how gpg-itself has some support for agents on both
ends, but in that case one is forwarding the gpg-agent socket rather
than forwardning the gpg-agent-as-ssh-agent socket. There is no need to
forward both.

So I think this is a good default:

 - Forward just gpg-agent socket and this doesn't matter.

 - Forward just the ssh-agent socket and this does the right thing.

 - Forward both sockets and now the ssh one takes priority instead, but
   forwarding both was always a silly thing to do.

Fix #667

* Update modules/services/gpg-agent.nix

Co-authored-by: Nicolas Berbiche <nic.berbiche@gmail.com>

Co-authored-by: Nicolas Berbiche <nic.berbiche@gmail.com>
2021-08-21 01:43:41 -04:00
Cole Mickens d437baa41c
gnupg/gpg-agent: gnupg package is configurable (#1949) 2021-04-27 16:40:05 -04:00
fricklerhandwerk 6aa6556bca
gpg-agent: add GNUPG_HOMEDIR to environment (#1932)
otherwise, if `programs.gpg.homedir` is not set to default, calls to
`gpg` will fail to pick up anything related to secrets
2021-04-19 01:52:31 +02:00
fricklerhandwerk 348b5a5a69
gpg: make homedir configurable 2021-04-14 23:44:34 +02:00
Nicolas Berbiche ddee030dc7
gpg: export GPG_TTY for fish (#1846) 2021-03-03 21:59:13 +01:00
jD91mZM2 ebf1df58da
gpg-agent: fix GnuPG by adding pinentry flavor option
See https://github.com/NixOS/nixpkgs/pull/71095.

Fixes #908
2020-01-01 13:26:21 +01:00
Kai Wohlfahrt f83c49baa3 gpg-agent: add sshcontrol configuration
This lets gpg-agent serve specific keys with authentication capability
as SSH keys
2019-06-18 13:37:19 +01:00
Tad Fisher 26342588ab
gpg-agent: add extraConfig option 2018-08-19 21:46:25 +02:00
jD91mZM2 97ee4578c9
gpg-agent: Add maxCacheTtl(Ssh) options 2018-06-29 00:39:14 +02:00
Gleb Peregud 9bf9e7ac5c
gpg-agent: add enableExtraSocket and verbose options.
This option enables a GPG Agent restricted socket (aka "extra-socket"), which
can be used to forward GPG Agent over SSH.

Additionally `verbose` option enables verbose output of an `gpg-agent.service`
unit for easier debugging.

See: https://wiki.gnupg.org/AgentForwarding
2018-03-13 22:36:30 +01:00
Robert Helgesson bc50202d0d
gpg-agent: do updatestartuptty only when SSH is enabled
Inspired by #163.
2018-03-04 22:20:35 +01:00
Robert Helgesson 9ea353569a
Remove deprecated option home.sessionVariableSetter 2018-02-08 22:54:29 +01:00
Robert Helgesson 576217d33a
gpg-agent: use gpgconf to set SSH socket path
Inspired by #163.
2018-01-14 15:58:59 +01:00
Roman Volosatovs c023b0532a
gpg-agent: add missing options 2017-12-02 19:44:53 +01:00
Robert Helgesson 3aca8a938c
gpg-agent: use full path to gpg-connect-agent 2017-10-05 19:54:09 +02:00
Robert Helgesson a8e08d14bb
Mark rycee as maintainer for a bunch of modules 2017-09-26 23:40:31 +02:00
Nikita Uvarov 42ae135d38
gpg-agent: add zsh support 2017-08-22 10:10:13 +02:00
Robert Helgesson 196db18f5b
gpg-agent: use systemd socket activation 2017-06-29 23:33:28 +02:00
Robert Helgesson 75bb0c8efb
gpg-agent: remove deprecated argument 2017-01-15 23:42:47 +01:00
Robert Helgesson d7d02c3ce8
Initial import 2017-01-14 13:15:24 +01:00