Start a daemonized gpg-agent as a child process of the ssh-agent at

login. The former, in turn, then starts dwm. This is intended as an alternative to installing pam-gnupg, using tools already installed with LARBS. For more information, refer to the relevant comments in xinitrc.
2026-03-20 01:37:45 +01:00 · 2021-02-09 21:28:37 +02:00 · 2021-02-09 21:28:37 +02:00 · a2f1c36ce8
commit a2f1c36ce8
parent 8f36b8feb8
1 changed files with 11 additions and 1 deletions
--- a/.config/x11/xinitrc
+++ b/.config/x11/xinitrc
@ -14,4 +14,14 @@ else
 	. "$HOME/.xprofile"
 fi

-ssh-agent dwm
+# Flags that daemonize the gpg-agent as well as some 'reasonable' configuration for said daemon.
+# GPG keys are cached by the daemon for 2 hours but this duration is reset whenever the key is
+# used again by any means, this includes if it was used by a command in your crontab.
+# This is especially useful if you have mutt-wizrd schedule email synchronization via mailsync.
+# After 16 hours, however, a cached key is removed and the password will need to be re-entered.
+# The last flag is to prevent any third party caching of keys, especially on disk.
+# If you are paranoid about X-sniffing attacks, consider adding the '--grab' flag as (by
+# default_ the '--no-grab' flag is set.
+gpg_flags='--daemon --default-cache-ttl 7200 --max-cache-ttl 57600 --no-allow-external-cache'
+
+ssh-agent gpg-agent $gpg_flags dwm