help with configuring gpg about nix-config HOT 3 CLOSED

great with your help i got everything working so far, even with your config.
i imported my key by hand. i didn't knew that i can use a gpg key for ssh, that is working as well now.
i should grab one of these yubikeys

from nix-config.

Hey!

Glad I could be of help somehow.

I currently use a yubikey for storing my key, but this should work with usual keys stored on disk too.

My most important gpg-related stuff are configured through home-manager. These are the minimum you have to set to get gpg working:

{
  services.gpg-agent = {
    enable = true;
    pinentryFlavor = "gtk2";
  };
  programs.gpg = {
    enable = true;
  };
}

And that's it! Pretty simple.

My own config is a little bit more complicated, because I also:

• Get public keys declaratively. I do this to avoid having to do anything manually, as my private keys lives on my yubibkey (but I need to have the public key on the keyring to use it). This isn't really useful if you have private keys as files, as you need to copy them anyway, might as well copy the public part.
• Use my key for SSH. For this, you should also set services.gpg-agent.enableSshSupport = true and services.gpg-agent.sshKeys = [ 'keygrip' ] (you can get your keygrip using gpg --list-secret-keys --with-keygrip).
• Forward gpg-agent through SSH

from nix-config.

Oh and I use gnome3 pinentry flavor instead of gtk2 as it looks nicer. I think you need to set (on NixOS, not home-manager) the option services.dbus.packages = [ pkgs.gcr ] for it to work.

from nix-config.