[rt-users] RT::Crypt::GPG with gpg-agent
Jim Brandt
jbrandt at bestpractical.com
Wed Mar 30 09:06:54 EDT 2016
On 3/30/16 7:52 AM, Peter Viskup wrote:
> Hello all,
> just trying to figure how to setup RT with use of gpg-agent.
>
> Tried to start gpg-agent this way:
>
> root at server:~# gpg-agent --daemon --pinentry-program
> /usr/bin/pinentry-curses --home /opt/rt4/var/data/GnuPG
>
> And then in RT_SiteConfig.pm:
> Set( %GnuPG,
> Enable => 1,
> OutgoingMessagesFormat => 'RFC',
> AllowEncryptDataInDB => 0
> );
>
> Set( %GnuPGOptions,
> 'digest-algo' => 'SHA512',
> 'use-agent' => undef,
> 'gpg-agent-info'=> '/opt/rt4/var/data/GnuPG/.agent-socket',
> 'no-permission-warning' => undef,
> 'homedir' => '/opt/rt4/var/data/GnuPG'
> );
>
> Set( @MailPlugins =>
> "Auth::MailFrom",
> "Auth::Crypt"
> );
>
> Unfortunately it didn't work.
>
> The gpg-agent-info option need to have the values which change with
> every gpg-agent execution.
>
> It could be possible to use write-env-file option and then read the
> file by RT. Is it possible to extend the RT_SiteConfig.pm that way it
> will read the file and fill the gpg-agent-info value in GnuPGOptions
> hash?
>
> Any other thoughts?
>
> We are running GnuPG version 1.4.12, GnuPG agent version 2.0.19 and
> latest release of RT 4.2.
>
I think the use-standard-socket option is another approach. The value is
then consistent each time. This has become the default in version 2.
More information about the rt-users
mailing list