Richard North's Blog

Easier SSH Agent with GPG

Some time back I wrote a guide to setting up a Yubikey Neo security device for GPG and SSH authentication. One aspect I included was setting up GPG Agent on Fish shell, which was a little fiddly.

I've recently discovered that this has become vastly easier with GPG Agent Autostart arriving in a recent version of GPG.

With this change, the only thing needed in fish shell config is the following:

# Start or re-use a gpg-agent.
gpgconf --launch gpg-agent

# Ensure that GPG Agent is used as the SSH agent
set -U -x SSH_AUTH_SOCK ~/.gnupg/S.gpg-agent.ssh

Basically, this will ensure that SSH uses GPG Agent's socket (S.gpg-agent.ssh) rather than the regular SSH Agent. Whenever SSH uses the socket to start authentication, GPG and the GPG smartcard (Yubikey) will spring into life to provide the necessary authentication.

Quite different from the previous ~30 lines!

← Home