Re: reprepro using a gpg certificate
On Mon, 28 Sep 2020 08:23:54 -0400,
Roberto C. Sánchez<roberto@debian.org> wrote:
>On Mon, Sep 28, 2020 at 01:59:52PM +0200, Andreas Rönnquist wrote:
>> Hi!
>>
>> I have managed to setup a personal repository for backports from
>> unstable to stable only for personal usage. Everything works just
>> fine, with one small exception:
>>
>> After I dput a package I must login to the repository server, and run
>> a shell script containing the reprepro command, which I cannot
>> automate, since it requests entry of a password for a gpg key.
>>
>> Does anyone have some simple instructions to setup reprepro so I
>> don't have to enter this password by hand - I understand that I can
>> use some kind of gpg certificate to get around this, but I haven't
>> managed to set it up properly.
>>
>> I want to do the reprepro command in a crontab so that eventual
>> uploaded packages get processed automatically every X minutes, but
>> then it (of course) cannot require someone to fill in a gpg password.
>>
>Have you looked at the keychain package? It allows you to cache SSH
>and GPG keys. I have used it to automate tasks that require both.
>Essentially, you will need to log in once after the system boots and
>load the key(s) you want to use for automation. Your scripts will need
>to source a shell script snippet with environment variables that let it
>connect to the running agent(s) and they can just operate like normal.
>The agent(s) handle all of the interactions with ssh and/or gpg
>regarding the unlocking of keys and such.
>
keychain indeed looks exactly like what I need.
Thank you!
best regards
-- Andreas Rönnquist
mailinglists@gusnan.se
andreas@ronnquist.net
Reply to: