Compare commits

...

2 Commits

Author SHA1 Message Date
acfb9ff9c0 git: autoSetupRemote = true 2024-10-18 13:36:55 -04:00
d858594201 drop GPG from keychain 2024-10-18 13:36:43 -04:00
2 changed files with 22 additions and 6 deletions

View File

@ -5,6 +5,7 @@
ui = auto
[push]
default = current
autoSetupRemote = true
[filesystem "N/A|13.0.2|/dev/sda2"]
timestampResolution = 10000 nanoseconds
minRacyThreshold = 6379 microseconds

View File

@ -48,14 +48,29 @@ alias vim='nvim'
alias wake_circadian='ssh epoch wol a8:a1:59:11:06:f1'
alias xrm='sudo xbps-remove'
# GPG setup (and SSH)
ssh-add ~/.ssh/id_rsa
# SSH setup
# I finally figured out how to export my id_rsa from GPG using
# https://superuser.com/a/1681454 (copied/summarized here to avoid link rot):
# 0. Run `gpg -K --with-keygrip` and note the desired keygrip (probably the one
# with [A] for auth).
# 1. Run `gpgsm --gen-key -o tempcert`:
# a. Select "Existing Key".
# b. Enter the keygrip from step 0.
# c. Select "(1) sign, encrypt". This and following steps don't really apply
# for our use case, but we need to do it to make the tool happy.
# d. Enter some valid X.509 subject, e.g. "C=US".
# e. Press enter for rest of fields.
# f. "y" to create self-signed certificate.
# g. "y" to proceed with creation.
# 2. `gpgsm --import tempcert` and `gpgsm -K` to get the (new) keyid.
# 3. `gpgsm --export-secret-key-p8 -a -o id_rsa $keyid`
# 4. (optional) `rm tempcert`, probably don't want that sitting around.
# 5. (optional) Trim the phony metadata we gave to gpgsm that is prepended to
# the exported PEM cert (id_rsa).
if command -v keychain >/dev/null; then
alias keychain="keychain --nolock --absolute --dir $XDG_RUNTIME_DIR"
eval "$(keychain --quick --eval --agents gpg D7F966B85D985743C76A17AC5A9572AE7B2E7E1C)"
fi
if command -v gpgconf >/dev/null; then
SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
export SSH_AUTH_SOCK
eval "$(keychain --quick --eval)"
fi
### End user configuration