

13.3.7 GNU Privacy Guard

The (gnu home services gnupg) module provides services that help you set up the GNU Privacy Guard, also known as GnuPG or GPG, in your home environment.

The gpg-agent service configures and sets up GPG’s agent, the program that is responsible for managing OpenPGP private keys and, optionally, OpenSSH (secure shell) private keys (see Invoking GPG-AGENT in Using the GNU Privacy Guard).

As an example, here is how you would configure gpg-agent with SSH support such that it uses the Emacs-based Pinentry interface when prompting for a passphrase:

(service home-gpg-agent-service-type
         (home-gpg-agent-configuration
          (pinentry-program
           (file-append pinentry-emacs "/bin/pinentry-emacs"))
          (ssh-support? #t)))

The service reference is given below.

Variable: home-gpg-agent-service-type

This is the service type for gpg-agent (see Invoking GPG-AGENT in Using the GNU Privacy Guard). Its value must be a home-gpg-agent-configuration, as shown below.

Data Type: home-gpg-agent-configuration

Available home-gpg-agent-configuration fields are:

gnupg (default: gnupg) (type: file-like)

The GnuPG package to use.

pinentry-program (type: file-like)

Pinentry program to use. Pinentry is a small user interface that gpg-agent delegates to anytime it needs user input for a passphrase or PIN (personal identification number) (see Using the PIN-Entry).

ssh-support? (default: #f) (type: boolean)

Whether to enable SSH (secure shell) support. When true, gpg-agent acts as a drop-in replacement for OpenSSH’s ssh-agent program, taking care of OpenSSH secret keys and directing passphrase requests to the chosen Pinentry program.

default-cache-ttl (default: 600) (type: integer)

Time a cache entry is valid, in seconds.

max-cache-ttl (default: 7200) (type: integer)

Maximum time a cache entry is valid, in seconds. After this time a cache entry will be expired even if it has been accessed recently.

default-cache-ttl-ssh (default: 1800) (type: integer)

Time a cache entry for SSH keys is valid, in seconds.

max-cache-ttl-ssh (default: 7200) (type: integer)

Maximum time a cache entry for SSH keys is valid, in seconds.

extra-content (default: "") (type: raw-configuration-string)

Raw content to add to the end of ~/.gnupg/gpg-agent.conf.
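
The following is an added example, not part of the Guix manual: a complete home environment that sets the cache lifetimes below their defaults for both OpenPGP and SSH keys, and uses extra-content for two gpg-agent options that have no dedicated field. The TTL values and the choice of no-allow-external-cache and ignore-cache-for-signing are assumptions made for illustration.

```scheme
;; Added example; values are illustrative, not recommendations from the manual.
(use-modules (gnu home)
             (gnu home services gnupg)
             (gnu packages gnupg)       ;provides pinentry-emacs
             (gnu services)
             (guix gexp))

(home-environment
 (services
  (list
   (service home-gpg-agent-service-type
            (home-gpg-agent-configuration
             (pinentry-program
              (file-append pinentry-emacs "/bin/pinentry-emacs"))
             (ssh-support? #t)
             ;; OpenPGP keys: a cache entry is valid for 5 minutes
             ;; (default 600 s) and is expired after 30 minutes at the
             ;; latest, even if it was accessed recently (default 7200 s).
             (default-cache-ttl 300)
             (max-cache-ttl 1800)
             ;; SSH keys: same limits (defaults are 1800 s and 7200 s).
             (default-cache-ttl-ssh 300)
             (max-cache-ttl-ssh 1800)
             ;; Appended verbatim to ~/.gnupg/gpg-agent.conf.  Both lines
             ;; are standard gpg-agent options: the first tells Pinentry
             ;; not to use an external passphrase cache, the second makes
             ;; signing operations bypass the agent's passphrase cache.
             (extra-content
              "no-allow-external-cache\nignore-cache-for-signing\n"))))))
```

Save this as a home configuration file and apply it with guix home reconfigure.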

