Next: , Previous: Installation, Up: Top

2 Invoking GPG-AGENT

gpg-agent is a daemon to manage secret (private) keys independently from any protocol. It is used as a backend for gpg and gpgsm as well as for a couple of other utilities.

The usual way to run the agent is from the ~/.xsession file:

     eval $(gpg-agent --daemon)

If you don't use an X server, you can also put this into your regular startup file ~/.profile or .bash_profile. It is best not to run multiple instance of the gpg-agent, so you should make sure that only one is running: gpg-agent uses an environment variable to inform clients about the communication parameters. You can write the content of this environment variable to a file so that you can test for a running agent. This short script may do the job:

     if test -f $HOME/.gpg-agent-info && \
        kill -0 $(cut -d: -f 2 $HOME/.gpg-agent-info) 2>/dev/null; then
          GPG_AGENT_INFO=$(cat $HOME/.gpg-agent-info)
          export GPG_AGENT_INFO
          eval $(gpg-agent --daemon)
          echo $GPG_AGENT_INFO >$HOME/.gpg-agent-info

Note that the new option --write-env-file may be used instead.

You should always add the following lines to your .bashrc or whatever initialization file is used for all shell invocations:

     export GPG_TTY

It is important that this environment variable always reflects the output of the tty command. For W32 systems this option is not required.

Please make sure that a proper pinentry program has been installed under the default filename (which is system dependant) or use the option pinentry-program to specify the full name of that program. It is often useful to install a symbolic link from the actual used pinentry (e.g. /usr/bin/pinentry-gtk) to the expected one (e.g. /usr/bin/pinentry).

See Option Index,for an index to GPG-AGENT's commands and options.