Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to use Gnu PG Agent in Fedora". Interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn how to use Gnu PG agent in Fedora.

Sometimes when using an application, you need to use your Gnu PG key very frequently, which means you need to enter the key decryption password multiple times. Quite a few applications support caching passwords (passwords) for users to use. However, for security purposes, cached passwords (passwords) cannot be cross-used between multiple programs. However, Gnu PG provides a very secure way to cache passwords, that is, Gnu PG's proxy gpg-agent. Through it, multiple applications can share the decryption password of the Gnu PG key. If you enter a key decryption password when using an application, other applications can decrypt the Gnu PG key for a period of time without asking for a password. Let's talk about how to set up a proxy for Gnu PG.

Although we don't talk about the Gnu PG public key, the generation and use of the key, using the Gnu PG,*** step is of course to install it:

$sudo yum install gnupg

In general, the Gnu PG program itself has an agent function. However, in the graphical interface, the proxy function of Gnu PG needs to be turned on with pinentry, so you need to install the pinentry program in Linux first.

$sudo yum install pinentry-gtk

Now create the configuration file for gpg-agent:

$cat > ~ / .gnupg/gpg-agent.conf > ~ / .gnupg/gpg.conf

This line tells Gnu PG to use gpg-agent when a password is needed, but only if gpg-agent is already working in advance. The way to run gpg-agent is simple:

$eval $(gpg-agent-- daemon)

The way to stop gpg-agent is:

$pkill-u "$USER" gpg-agent

In order to make the use of gpg-agent more convenient, we naturally want it to work automatically when the machine starts, which can be achieved by configuring / etc/profile.d/ as follows

$sudo cat > / etc/profile.d/gpg-agent.sh / dev/null; then eval "$(cat: $envfile") "else eval" $(gpg-agent-- daemon-- write-env-file "$envfile") "fiexport GPG_AGENT_INFO # the envfile does not contain the export statementEOF$ sudo chmod 755 / etc/profile.d/gpg-agent.sh

The above settings enable gpg-agent automatically for every user who logs in to Linux. In general, only one gpg-agent process is allowed to start in a session. We can see this from the configuration above. If we only want to enable gpg-agent for a user, we can add the following line to ~ / .xprofile, ~ / .xsession, or ~ / .xinitrc, depending on how the graphical interface we use starts, for example:

$echo 'eval "$(gpg-agent-- daemon)" > ~ / .xprofile

If the user does not use a graphical interface, the above line can also be written to ~ / .bash_profile. With the above settings, you can start gpg-agent automatically. For more settings on gpg-agent, please refer to the gpg-agent man page for yourself.

$man gpg-agent

In fact, as you can see from the man page, gpg-agent can also be used as a ssh-agent, just by adding the-- enable-ssh-support option to the command line gpg-agent. Here is a configuration that automatically acts as ssh-agent and gpg-agent:

$cat > > ~ / .bash_profile / dev/null 2 > & 1; then eval `cat $gnupginf` eval `cut-d =-F1 $gnupginf | xargs echo export`else eval `gpg-agent-s-enable-ssh-support-daemon`fiEOF

It is worth pointing out that the Gnome-keyring provided by the Gnome desktop itself also integrates gpg-agent functionality, depending on whether the gpg-agent option is turned on during the Gnome-keyring package compilation process. If we want to disable the gpg-agent function of Gnome-keyring, in addition to modifying the compilation options of the source code, we can also do the following

$cp / etc/xdg/autostart/gnome-keyring-gpg.desktop ~ / .config/autostart/gnome-keyring-gpg.desktop$ echo "X-GNOME-Autostart-enabled=false" > > ~ / .config/autostart/gnome-keyring-gpg.desktop

If you just want to disable Gnome-keyring temporarily, you can execute

Sudo kill $GNOME_KEYRING_PID so far, I believe you have a deeper understanding of "how to use Gnu PG agent in Fedora". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.