diff options
author | Kjetil Orbekk <kjetil.orbekk@gmail.com> | 2017-05-20 09:36:55 -0400 |
---|---|---|
committer | Kjetil Orbekk <kjetil.orbekk@gmail.com> | 2017-05-20 09:36:55 -0400 |
commit | 88aedcdca0aac7653fa4553a3276659415305fb4 (patch) | |
tree | 937496abc3e7cd0fd4e02635f75d88246c76aef1 /config | |
parent | 252e8bdf5aa5d5e306a657a4cfb6700eab1dbe62 (diff) |
yubikey: Fix gpg-agent tty.
Diffstat (limited to 'config')
-rw-r--r-- | config/yubikey.nix | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/config/yubikey.nix b/config/yubikey.nix index 275a645..6275de0 100644 --- a/config/yubikey.nix +++ b/config/yubikey.nix @@ -13,7 +13,6 @@ let in { services.pcscd.enable = true; - environment.systemPackages = yubikey-pkgs; services.udev.packages = yubikey-pkgs; # Use GPG agent instead. @@ -32,8 +31,19 @@ in }; }; - environment.variables = { - SSH_AUTH_SOCK = - ''''${XDG_RUNTIME_DIR:-"/run/user/\$(id -u)"}/gnupg/S.gpg-agent.ssh''; + environment = { + systemPackages = yubikey-pkgs; + + # Without this, the gpg-agent has no way to ask the user for a password + # when invoked from ssh. + # See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851440 + extraInit = '' + gpg-connect-agent updatestartuptty /bye + ''; + + variables = { + SSH_AUTH_SOCK = + ''''${XDG_RUNTIME_DIR:-"/run/user/\$(id -u)"}/gnupg/S.gpg-agent.ssh''; + }; }; } |