[rt-users] RT::Crypt::GPG with gpg-agent

Jim Brandt jbrandt at bestpractical.com
Wed Mar 30 09:06:54 EDT 2016



On 3/30/16 7:52 AM, Peter Viskup wrote:
> Hello all,
> just trying to figure how to setup RT with use of gpg-agent.
>
> Tried to start gpg-agent this way:
>
> root at server:~# gpg-agent --daemon --pinentry-program
> /usr/bin/pinentry-curses --home /opt/rt4/var/data/GnuPG
>
> And then in RT_SiteConfig.pm:
> Set( %GnuPG,
>          Enable => 1,
>          OutgoingMessagesFormat => 'RFC',
>          AllowEncryptDataInDB => 0
> );
>
> Set( %GnuPGOptions,
>          'digest-algo'   => 'SHA512',
>          'use-agent'    => undef,
>          'gpg-agent-info'=> '/opt/rt4/var/data/GnuPG/.agent-socket',
>          'no-permission-warning' => undef,
>          'homedir'       => '/opt/rt4/var/data/GnuPG'
> );
>
> Set( @MailPlugins =>
>          "Auth::MailFrom",
>          "Auth::Crypt"
> );
>
> Unfortunately it didn't work.
>
> The gpg-agent-info option need to have the values which change with
> every gpg-agent execution.
>
> It could be possible to use write-env-file option and then read the
> file by RT. Is it possible to extend the RT_SiteConfig.pm that way it
> will read the file and fill the gpg-agent-info value in GnuPGOptions
> hash?
>
> Any other thoughts?
>
> We are running GnuPG version 1.4.12, GnuPG agent version 2.0.19 and
> latest release of RT 4.2.
>

I think the use-standard-socket option is another approach. The value is 
then consistent each time. This has become the default in version 2.



More information about the rt-users mailing list