1 |
В общем проблемма такая не как не могу я его поднять. |
2 |
Я хочу что бы при получение шифрованного сообщения в PSI мне не приходилось |
3 |
каждый раз вбивать пароль. |
4 |
gpg-agent |
5 |
gpg-agent |
6 |
gpg-agent[19598]: can't connect to `/home/ezotrank/.gnupg/S.gpg-agent': |
7 |
Connection refused |
8 |
gpg-agent: no gpg-agent running in this session |
9 |
|
10 |
cat .gnupg/gpg.conf |
11 |
# Options for GnuPG |
12 |
# Copyright 1998, 1999, 2000, 2001, 2002, 2003 Free Software Foundation, Inc. |
13 |
# |
14 |
# This file is free software; as a special exception the author gives |
15 |
# unlimited permission to copy and/or distribute it, with or without |
16 |
# modifications, as long as this notice is preserved. |
17 |
# |
18 |
# This file is distributed in the hope that it will be useful, but |
19 |
# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the |
20 |
# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
21 |
# |
22 |
# Unless you specify which option file to use (with the command line |
23 |
# option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf |
24 |
# by default. |
25 |
# |
26 |
# An options file can contain any long options which are available in |
27 |
# GnuPG. If the first non white space character of a line is a '#', |
28 |
# this line is ignored. Empty lines are also ignored. |
29 |
# |
30 |
# See the man page for a list of options. |
31 |
|
32 |
# Uncomment the following option to get rid of the copyright notice |
33 |
|
34 |
#no-greeting |
35 |
|
36 |
# If you have more than 1 secret key in your keyring, you may want to |
37 |
# uncomment the following option and set your preferred keyid. |
38 |
|
39 |
#default-key 621CC013 |
40 |
|
41 |
# If you do not pass a recipient to gpg, it will ask for one. Using |
42 |
# this option you can encrypt to a default key. Key validation will |
43 |
# not be done in this case. The second form uses the default key as |
44 |
# default recipient. |
45 |
|
46 |
#default-recipient some-user-id |
47 |
#default-recipient-self |
48 |
|
49 |
# By default GnuPG creates version 3 signatures for data files. This |
50 |
# is not strictly OpenPGP compliant but PGP 6 and most versions of PGP |
51 |
# 7 require them. To disable this behavior, you may use this option |
52 |
# or --openpgp. |
53 |
|
54 |
#no-force-v3-sigs |
55 |
|
56 |
# Because some mailers change lines starting with "From " to ">From " |
57 |
# it is good to handle such lines in a special way when creating |
58 |
# cleartext signatures; all other PGP versions do it this way too. |
59 |
# To enable full OpenPGP compliance you may want to use this option. |
60 |
|
61 |
#no-escape-from-lines |
62 |
|
63 |
# When verifying a signature made from a subkey, ensure that the cross |
64 |
# certification "back signature" on the subkey is present and valid. |
65 |
# This protects against a subtle attack against subkeys that can sign. |
66 |
# Defaults to --no-require-cross-certification. However for new |
67 |
# installations it should be enabled. |
68 |
|
69 |
require-cross-certification |
70 |
|
71 |
|
72 |
# If you do not use the Latin-1 (ISO-8859-1) charset, you should tell |
73 |
# GnuPG which is the native character set. Please check the man page |
74 |
# for supported character sets. This character set is only used for |
75 |
# metadata and not for the actual message which does not undergo any |
76 |
# translation. Note that future version of GnuPG will change to UTF-8 |
77 |
# as default character set. |
78 |
|
79 |
#charset utf-8 |
80 |
|
81 |
# Group names may be defined like this: |
82 |
# group mynames = paige 0x12345678 joe patti |
83 |
# |
84 |
# Any time "mynames" is a recipient (-r or --recipient), it will be |
85 |
# expanded to the names "paige", "joe", and "patti", and the key ID |
86 |
# "0x12345678". Note there is only one level of expansion - you |
87 |
# cannot make an group that points to another group. Note also that |
88 |
# if there are spaces in the recipient name, this will appear as two |
89 |
# recipients. In these cases it is better to use the key ID. |
90 |
|
91 |
#group mynames = paige 0x12345678 joe patti |
92 |
|
93 |
# Some old Windows platforms require 8.3 filenames. If your system |
94 |
# can handle long filenames, uncomment this. |
95 |
|
96 |
#no-mangle-dos-filenames |
97 |
|
98 |
# Lock the file only once for the lifetime of a process. If you do |
99 |
# not define this, the lock will be obtained and released every time |
100 |
# it is needed - normally this is not needed. |
101 |
|
102 |
#lock-once |
103 |
|
104 |
# GnuPG can send and receive keys to and from a keyserver. These |
105 |
# servers can be HKP, email, or LDAP (if GnuPG is built with LDAP |
106 |
# support). |
107 |
# |
108 |
# Example HKP keyserver: |
109 |
# hkp://subkeys.pgp.net |
110 |
# |
111 |
# Example email keyserver: |
112 |
# mailto:pgp-public-keys@××××××××.net |
113 |
# |
114 |
# Example LDAP keyservers: |
115 |
# ldap://pgp.surfnet.nl:11370 |
116 |
# ldap://keyserver.pgp.com |
117 |
# |
118 |
# Regular URL syntax applies, and you can set an alternate port |
119 |
# through the usual method: |
120 |
# hkp://keyserver.example.net:22742 |
121 |
# |
122 |
# If you have problems connecting to a HKP server through a buggy http |
123 |
# proxy, you can use keyserver option broken-http-proxy (see below), |
124 |
# but first you should make sure that you have read the man page |
125 |
# regarding proxies (keyserver option honor-http-proxy) |
126 |
# |
127 |
# Most users just set the name and type of their preferred keyserver. |
128 |
# Note that most servers (with the notable exception of |
129 |
# ldap://keyserver.pgp.com) synchronize changes with each other. Note |
130 |
# also that a single server name may actually point to multiple |
131 |
# servers via DNS round-robin. hkp://subkeys.pgp.net is an example of |
132 |
# such a "server", which spreads the load over a number of physical |
133 |
# servers. |
134 |
|
135 |
keyserver hkp://subkeys.pgp.net |
136 |
#keyserver mailto:pgp-public-keys@×××××××××××.net |
137 |
#keyserver ldap://pgp.surfnet.nl:11370 |
138 |
#keyserver ldap://keyserver.pgp.com |
139 |
|
140 |
# Common options for keyserver functions: |
141 |
# |
142 |
# include-disabled = when searching, include keys marked as "disabled" |
143 |
# on the keyserver (not all keyservers support this). |
144 |
# |
145 |
# no-include-revoked = when searching, do not include keys marked as |
146 |
# "revoked" on the keyserver. |
147 |
# |
148 |
# verbose = show more information as the keys are fetched. |
149 |
# Can be used more than once to increase the amount |
150 |
# of information shown. |
151 |
# |
152 |
# use-temp-files = use temporary files instead of a pipe to talk to the |
153 |
# keyserver. Some platforms (Win32 for one) always |
154 |
# have this on. |
155 |
# |
156 |
# keep-temp-files = do not delete temporary files after using them |
157 |
# (really only useful for debugging) |
158 |
# |
159 |
# honor-http-proxy = if the keyserver uses HTTP, honor the http_proxy |
160 |
# environment variable |
161 |
# |
162 |
# broken-http-proxy = try to work around a buggy HTTP proxy |
163 |
# |
164 |
# auto-key-retrieve = automatically fetch keys as needed from the keyserver |
165 |
# when verifying signatures or when importing keys that |
166 |
# have been revoked by a revocation key that is not |
167 |
# present on the keyring. |
168 |
# |
169 |
# no-include-attributes = do not include attribute IDs (aka "photo IDs") |
170 |
# when sending keys to the keyserver. |
171 |
|
172 |
keyserver-options auto-key-retrieve include-disabled include-revoked |
173 |
|
174 |
# Uncomment this line to display photo user IDs in key listings and |
175 |
# when a signature from a key with a photo is verified. |
176 |
|
177 |
#show-photos |
178 |
|
179 |
# Use this program to display photo user IDs |
180 |
# |
181 |
# %i is expanded to a temporary file that contains the photo. |
182 |
# %I is the same as %i, but the file isn't deleted afterwards by GnuPG. |
183 |
# %k is expanded to the key ID of the key. |
184 |
# %K is expanded to the long OpenPGP key ID of the key. |
185 |
# %t is expanded to the extension of the image (e.g. "jpg"). |
186 |
# %T is expanded to the MIME type of the image (e.g. "image/jpeg"). |
187 |
# %f is expanded to the fingerprint of the key. |
188 |
# %% is %, of course. |
189 |
# |
190 |
# If %i or %I are not present, then the photo is supplied to the |
191 |
# viewer on standard input. If your platform supports it, standard |
192 |
# input is the best way to do this as it avoids the time and effort in |
193 |
# generating and then cleaning up a secure temp file. |
194 |
# |
195 |
# The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin" |
196 |
# On Mac OS X and Windows, the default is to use your regular JPEG image |
197 |
# viewer. |
198 |
# |
199 |
# Some other viewers: |
200 |
# photo-viewer "qiv %i" |
201 |
# photo-viewer "ee %i" |
202 |
# photo-viewer "display -title 'KeyID 0x%k'" |
203 |
# |
204 |
# This one saves a copy of the photo ID in your home directory: |
205 |
# photo-viewer "cat > ~/photoid-for-key-%k.%t" |
206 |
# |
207 |
# Use your MIME handler to view photos: |
208 |
# photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG" |
209 |
use-agent |
210 |
|
211 |
cat .gnupg/gpg-agent.conf |
212 |
pinentry-program /usr/bin/pinentry-qt |
213 |
no-grab |
214 |
default-cache-ttl 1800 |
215 |
|
216 |
|
217 |
-- |
218 |
-- |
219 |
With best regards, ezotrank |
220 |
kernel 2.6.23-gentoo-r2, system uptime: 23:13:32 up 6:19, 3 users, load |
221 |
average: 0.04, 0.11, 0.11 |
222 |
-- |