From 1c84af82ab8117d5baa13c26b3cf27dc763b05f7 Mon Sep 17 00:00:00 2001
From: Joel Beckmeyer <joel@beckmeyer.us>
Date: Mon, 11 Sep 2023 11:22:33 -0400
Subject: [PATCH] gpg: add sshcontrol with script to get grip

---
 dot_local/share/private_gnupg/sshcontrol.tmpl | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 dot_local/share/private_gnupg/sshcontrol.tmpl

diff --git a/dot_local/share/private_gnupg/sshcontrol.tmpl b/dot_local/share/private_gnupg/sshcontrol.tmpl
new file mode 100644
index 0000000..b53968d
--- /dev/null
+++ b/dot_local/share/private_gnupg/sshcontrol.tmpl
@@ -0,0 +1,11 @@
+# List of allowed ssh keys.  Only keys present in this file are used
+# in the SSH protocol.  The ssh-add tool may add new entries to this
+# file to enable them; you may also add them manually.  Comment
+# lines, like this one, as well as empty lines are ignored.  Lines do
+# have a certain length limit but this is not serious limitation as
+# the format of the entries is fixed and checked by gpg-agent. A
+# non-comment line starts with optional white spaces, followed by the
+# keygrip of the key given as 40 hex digits, optionally followed by a
+# caching TTL in seconds, and another optional field for arbitrary
+# flags.   Prepend the keygrip with an '!' mark to disable it.
+{{ output "sh" "-c" "gpg -K --with-keygrip | grep -A1 \"\\[A\\]\" | tail -n1 | sed \"s,.*Keygrip = ,,\"" }}