Fedora and gpg-agent

May 12, 2009    bash fedora gnupg smartcard ssh

While it was quite easy to set up my Fellowship smartcard for SSH logins on Debian GNU/Linux following this instructions I never managed to get it working on Fedora GNU/Linux. At some point of time I just gave up. Today finally I found a solution in an on-line forum.

The problem was that gpg-agent always stopped with the error message:

$ gpg-agent 
gpg-agent[2857]: can't connect to `/home/schiesbn/.gnupg/S.gpg-agent': No such file or directory
gpg-agent: no gpg-agent running in this session

By default the gpg-agent on Fedora creates the socket in /tmp instead of in /home/schiesbn/.gnupg. So you have to move it manually over to your home directory once gpg-agent has started.

To do this I use this script:

#!/bin/bash

# Decide whether to start gpg-agent daemon.
# Create necessary symbolic link in $HOME/.gnupg/S.gpg-agent

SOCKET=S.gpg-agent
PIDOF=`pidof gpg-agent`
RETVAL=$?

if [ "$RETVAL" -eq 1 ]; then
    echo "Starting gpg-agent daemon."
    eval `gpg-agent --daemon `
else
    echo "Daemon gpg-agent already running."
fi

# Nasty way to find gpg-agent's socket file...
GPG_SOCKET_FILE=`find /tmp/gpg-* -name $SOCKET`
echo "Updating socket file link."
cp -fs $GPG_SOCKET_FILE $HOME/.gnupg/S.gpg-agent

To execute this script during log-in I have added this to my ~/.bashrc:

# GPG-AGENT stuff
GET_TTY=`tty`
export $GET_TTY
$HOME/bin/gpg-agent-start.sh

I still wonder why it works that easy on Debian and on Fedora i need all this scripting. But for the moment I’m just happy that I have found a solution to use my smartcard for SSH login on my Fedora systems.



Feel free to drop me a mail if you want to share your thoughts on this topic or if you want to discuss it further.