-rw-r--r-- | config/yubikey.nix | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/config/yubikey.nix b/config/yubikey.nix
index 0d3964c..275a645 100644
--- a/config/yubikey.nix
+++ b/config/yubikey.nix
@@ -15,4 +15,25 @@ in
 services.pcscd.enable = true;
 environment.systemPackages = yubikey-pkgs;
 services.udev.packages = yubikey-pkgs;
+
+ # Use GPG agent instead.
+ programs.ssh.startAgent = false;
+
+ systemd.user.services.gpg-agent = {
+ path = [ pkgs.gnupg ];
+ description = "SSH Agent";
+ wantedBy = [ "default.target" ];
+ serviceConfig = {
+ ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/gnupg/S.gpg-agent.ssh";
+ ExecStart =
+ "${pkgs.gnupg}/bin/gpg-agent --enable-ssh-support --daemon";
+ Type = "forking";
+ Restart = "on-failure";
+ };
+ };
+
+ environment.variables = {
+ SSH_AUTH_SOCK =
+ ''''${XDG_RUNTIME_DIR:-"/run/user/\$(id -u)"}/gnupg/S.gpg-agent.ssh'';
+ };
 } |
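Review bot: The `SSH_AUTH_SOCK` fallback at the end of the hunk looks unlikely to expand to a real path: inside a Nix `''…''` string the backslash in `\$(id -u)` is kept literally, so when `XDG_RUNTIME_DIR` is unset the shell would probably see an escaped `$` and use the literal text `/run/user/$(id -u)` rather than the uid (how NixOS writes `environment.variables` out is not visible here, so this should be confirmed). The same socket path is also hard-coded in `ExecStartPre` as `%t/gnupg/S.gpg-agent.ssh`, which only matches gpg-agent's default home directory. Asking GnuPG for the path avoids both assumptions, e.g. `environment.extraInit = ''export SSH_AUTH_SOCK="$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket)"'';`. Because the unit starts the agent without a terminal or display, it is worth a comment noting that PIN prompts for the YubiKey depend on a working pinentry for the session. The unit's `description = "SSH Agent";` would read more accurately as `description = "GnuPG agent with SSH support";`.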