Git GPG password in keyring

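I am using git with GnuPG signing. Every time I want to sign a commit, I have to provide my GnuPG key password.

Is it possible to make git use some system-wide keyring, such as gnome-keyring? I can't seem to find any documentation on it, or even any threads about it on the web. Maybe there are some solutions I am not aware of that are not popular enough to be easy to google.

There may be some GUI tools that could do this for me, but I am not interested in those. I mainly use git from the console and sometimes from within IntelliJ-based IDEs, which just call the system git binary. Having a system-side solution would allow me to use git config --global commit.gpgsign true with those IDEs (and the CLI).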

Copied from https://superuser.com/questions/624343/keep-gnupg-credentials-cached-for-entire-user-session

Up to GnuPG 2

The user configuration (in ~/.gnupg/gpg-agent.conf) can only define the default and maximum caching duration; it can't be disabled.

The default-cache-ttl option sets the timeout (in seconds) after the last GnuPG activity (so it resets if you use it); the maximum-cache-ttl option sets the timespan (in seconds) it caches after entering your password. The default value is 7200 (2 hours) for both.

Set it to a year or so – say, 34560000 seconds (400 days) – and you should be fine:

default-cache-ttl 34560000
maximum-cache-ttl 34560000

But for this change to take effect, you need to end the session by restarting gpg-agent.

If you want to limit to your session length, you'd need to kill the daemon at logout. This is very different between operating systems, so I'm referring to another question/answer containing hints for different systems.

You could also restart the gpg-agent during login, but this does not limit caching time to the session length, but logins of a user. Decide yourself if this is a problem in your case.

GnuPG 2.1 and above

In GnuPG 2.1 and above, the maximum-cache-ttl option was renamed to max-cache-ttl without further changes.
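
An added example, not part of the quoted answer: a shell script that writes the two cache TTL options named above into gpg-agent.conf without duplicating lines, then reloads the running agent so the change takes effect. The script name and the 28800-second value in the usage comment are assumptions; pick the TTL that matches how long a cached signing key may stay unlocked on your machine.

```bash
#!/usr/bin/env bash
# Added example: idempotently set gpg-agent cache TTLs and reload the agent.
# The config path follows GNUPGHOME if set, otherwise ~/.gnupg.

CONF="${GNUPGHOME:-$HOME/.gnupg}/gpg-agent.conf"

# set_option FILE KEY VALUE: replace any existing "KEY ..." line, or append one.
set_option() {
    local file="$1" key="$2" value="$3" tmp
    mkdir -p "$(dirname "$file")"
    touch "$file"
    tmp=$(mktemp) || return 1
    # Drop earlier (possibly duplicated) settings of KEY; comments and other
    # options are kept untouched.
    grep -Ev "^[[:space:]]*${key}([[:space:]]|\$)" "$file" > "$tmp" || true
    printf '%s %s\n' "$key" "$value" >> "$tmp"
    cat "$tmp" > "$file"    # rewrite in place, keeping the file's permissions
    rm -f "$tmp"
}

# get_option FILE KEY: print the configured value (empty if the key is unset).
get_option() {
    awk -v k="$2" '$1 == k { v = $2 } END { print v }' "$1"
}

# apply_ttl SECONDS: set both options and make the running agent pick them up.
apply_ttl() {
    local ttl="$1"
    set_option "$CONF" default-cache-ttl "$ttl"
    set_option "$CONF" max-cache-ttl "$ttl"    # option name for GnuPG 2.1+
    chmod 600 "$CONF"
    # The running agent keeps its old settings until it is reloaded.
    if command -v gpg-connect-agent >/dev/null 2>&1; then
        gpg-connect-agent reloadagent /bye
    fi
}

# Runs only when asked, e.g.:  ./gpg-ttl.sh --apply 28800   (8 hours)
if [ "${1:-}" = "--apply" ]; then
    apply_ttl "${2:?usage: --apply <ttl-seconds>}"
fi
```

The TTL bounds how long anything running as your user can sign with the key without a prompt, so a shorter value narrows that window.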

I see you are using Fedora; on version 29, all I had to do was:

git config --global gpg.program gpg2

It uses the Gnome Keychain (seahorse).