The (gnu home services gnupg) module provides services that help you set up the GNU Privacy Guard, also known as GnuPG or GPG, in your home environment.
The gpg-agent service configures and sets up GPG’s agent, the program that is responsible for managing OpenPGP private keys and, optionally, OpenSSH (secure shell) private keys (see Invoking GPG-AGENT in Using the GNU Privacy Guard).
As an example, here is how you would configure gpg-agent with SSH support such that it uses the Emacs-based Pinentry interface when prompting for a passphrase:
    (service home-gpg-agent-service-type
             (home-gpg-agent-configuration
              (pinentry-program
               (file-append pinentry-emacs "/bin/pinentry-emacs"))
              (ssh-support? #t)))
The service reference is given below.
home-gpg-agent-service-type is the service type for gpg-agent (see Invoking GPG-AGENT in Using the GNU Privacy Guard). Its value must be a home-gpg-agent-configuration, as shown below.
Available home-gpg-agent-configuration fields are:
gnupg (default: gnupg) (type: file-like)
    The GnuPG package to use.
pinentry-program (type: file-like)
    Pinentry program to use. Pinentry is a small user interface that gpg-agent delegates to anytime it needs user input for a passphrase or PIN (personal identification number) (see Using the PIN-Entry).
ssh-support? (default: #f) (type: boolean)
    Whether to enable SSH (secure shell) support. When true, gpg-agent acts as a drop-in replacement for OpenSSH’s ssh-agent program, taking care of OpenSSH secret keys and directing passphrase requests to the chosen Pinentry program.
default-cache-ttl (default: 600) (type: integer)
    Time a cache entry is valid, in seconds.
max-cache-ttl (default: 7200) (type: integer)
    Maximum time a cache entry is valid, in seconds. After this time a cache entry will be expired even if it has been accessed recently.
default-cache-ttl-ssh (default: 1800) (type: integer)
    Time a cache entry for SSH keys is valid, in seconds.
max-cache-ttl-ssh (default: 7200) (type: integer)
    Maximum time a cache entry for SSH keys is valid, in seconds.
extra-content (default: "") (type: raw-configuration-string)
    Raw content to add to the end of ~/.gnupg/gpg-agent.conf.
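The following is an added example, not taken from the Guix manual: a complete home environment file that uses the cache fields and extra-content documented above to shorten how long unlocked OpenPGP and SSH keys stay cached. The TTL values are illustrative, and the two lines passed through extra-content (no-allow-external-cache and ignore-cache-for-signing) are gpg-agent options from the GnuPG manual that this page does not itself describe.

```scheme
;; Added example: home environment with tightened gpg-agent caching.
;; All numeric values below are illustrative assumptions, not
;; recommendations from the Guix manual.
(use-modules (gnu home)
             (gnu home services gnupg)
             (gnu packages gnupg)         ;provides pinentry-emacs
             (gnu services)
             (guix gexp))                 ;provides file-append

(home-environment
 (services
  (list
   (service home-gpg-agent-service-type
            (home-gpg-agent-configuration
             (pinentry-program
              (file-append pinentry-emacs "/bin/pinentry-emacs"))
             ;; gpg-agent also serves OpenSSH keys, so the *-ssh
             ;; limits below apply to them.
             (ssh-support? #t)
             ;; OpenPGP keys: an entry expires 300 s after it was
             ;; last used (default: 600) ...
             (default-cache-ttl 300)
             ;; ... and after 900 s at the latest, even if it was
             ;; used recently (default: 7200).
             (max-cache-ttl 900)
             ;; SSH keys: same policy (defaults: 1800 and 7200).
             (default-cache-ttl-ssh 300)
             (max-cache-ttl-ssh 900)
             ;; Appended verbatim to ~/.gnupg/gpg-agent.conf.
             ;; Assumption: these options come from the GnuPG
             ;; manual, not from this page.
             (extra-content
              (string-append
               ;; Keep Pinentry from storing the passphrase in an
               ;; external cache outside gpg-agent.
               "no-allow-external-cache\n"
               ;; Always prompt for signing operations, bypassing
               ;; the passphrase cache.
               "ignore-cache-for-signing\n")))))))
```

After applying the file with guix home reconfigure, the generated ~/.gnupg/gpg-agent.conf can be read to confirm that the TTL settings and the extra-content lines are present.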