Configuring gpg-agent
To avoid typing your GPG passphrase again and again, you probably want this in your ~/.profile:
# <snip>
if test -f "$HOME/.gpg-agent-info" && kill -0 "$(cut -d: -f 2 "$HOME/.gpg-agent-info")" 2>/dev/null; then
    # An agent is already running: reuse the environment it recorded
    eval "$(cat "$HOME/.gpg-agent-info")"
else
    # No live agent: start one and record its environment for later shells
    eval "$(gpg-agent --pinentry-program /usr/bin/pinentry --daemon --write-env-file "$HOME/.gpg-agent-info")"
fi
GPG_TTY=$(tty)
# GPG_AGENT_INFO is set from within $HOME/.gpg-agent-info, but still needs to be exported
export GPG_TTY GPG_AGENT_INFO
Configuring GnuPG
In ~/.gnupg/gpg.conf, you want to put:
use-agent
Making GPG keys available
You must copy your GPG key to the packaging host, e.g. like this:
apprentice@myhost:~$ gpg -a --list-secret-keys
/home/john/.gnupg/secring.gpg
-------------------------------
sec# 4096R/BCB62767 2011-12-30
uid John Sudoe (UNIX Systems Administrator) <j.sudoe@rug.nl>
uid John Sudoe (Packager) <j.sudoe@rug.nl>
ssb 4096R/CFC4F5D8 2011-12-30
ssb 4096g/B56CB67F 2011-12-30
ssb 4096R/BD9E5DC5 2011-12-30
apprentice@myhost:~$ gpg -a --export-secret-keys BCB62767|gpg -aco john.private.pgp
apprentice@myhost:~$ rsync john.private.pgp apprentice@packaging-host.mydomain.com:~/
... and import on the packaging host:
apprentice@packaging-host.mydomain.com:~$ gpg -adi ~/john.private.pgp |gpg --import
gpg: encrypted with 1 passphrase
gpg: WARNING: message was not integrity protected
gpg: key BCB62767: secret key imported
gpg: key BCB62767: public key "John Sudoe (Packager) <j.sudoe@rug.nl>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg: secret keys read: 1
gpg: secret keys imported: 1
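
The import transcript above includes "WARNING: message was not integrity protected", meaning the symmetrically encrypted transfer file carried no modification detection code (MDC). The shell function below is an added example, not part of the original page: it vets a saved "gpg --import" transcript for that warning and for unexpected secret keys. The function names and the second sample transcript are assumptions made for illustration; --force-mdc is the GnuPG 1.4/2.0 option that makes the export step write an MDC.

```shell
#!/bin/sh
# Added example: vet a saved "gpg --import" transcript on the packaging host.

# check_import_log KEYID   (transcript on stdin)
# Succeeds only if KEYID's secret key was imported exactly once, no other
# secret key came along, and gpg did not report a missing MDC.
check_import_log() {
    want=$1 rc=0 got=0
    while IFS= read -r line; do
        case $line in
            *"message was not integrity protected"*)
                echo "FAIL: transfer file had no MDC, tampering would go unnoticed"
                rc=1 ;;
            *"key $want: secret key imported"*)
                got=$((got + 1)) ;;
            *": secret key imported"*)
                echo "FAIL: unexpected secret key: $line"
                rc=1 ;;
        esac
    done
    [ "$got" -eq 1 ] || { echo "FAIL: secret key $want not imported exactly once"; rc=1; }
    return "$rc"
}

# Transcript as printed on this page.
page_transcript() {
    cat <<'EOF'
gpg: encrypted with 1 passphrase
gpg: WARNING: message was not integrity protected
gpg: key BCB62767: secret key imported
gpg: key BCB62767: public key "John Sudoe (Packager) <j.sudoe@rug.nl>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg: secret keys read: 1
gpg: secret keys imported: 1
EOF
}

# Constructed sample: the same import when the file was written with
#   gpg -a --export-secret-keys BCB62767 | gpg --force-mdc -aco john.private.pgp
clean_transcript() { page_transcript | grep -v 'not integrity protected'; }

page_transcript  | check_import_log BCB62767 || echo "=> re-export with --force-mdc"
clean_transcript | check_import_log BCB62767 && echo "OK: BCB62767 imported, MDC present"
```

On the packaging host the function can read the live output with `{ gpg -adi ~/john.private.pgp | gpg --import; } 2>&1 | check_import_log BCB62767`, since gpg writes these messages to stderr.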