Monitoring queries to gpg-agent?
Werner Koch
wk at gnupg.org
Wed Sep 26 17:27:50 CEST 2018
On Tue, 25 Sep 2018 23:03, kll at dev.terastrm.net said:
> I would like to see the queries to gpg-agent that clients are
> sending. Like what key are they trying to access and whatever other
That is easy. Put
log-file socket://
debug ipc
into ~/.gnupg/gpg-agent.conf. Feed your monitor process the with the
output of
watchgnupg --force $(gpgconf --list-dirs socketdir)/S.log
What you see are debug messages so it is not a really stable inetrface
but it has not changed for more than a decade. Inside the debug message
you see the request from the gpg processes and gpg-agent's replies. You
can easily distinguish the gpg processes. For the semantics of the
protocol used between gpg and the agent you can use the online help:
gpg-connect-agent
and then enter "HELP <mycommand>". <mycommand> might be PKSIGN etc. The
manual (info or PDF file) describes some of theses commands.
If you want to see the interaction between gpg-agent and pinentry as
weel, add the line
debug-pinenentry
to gpg-agent.conf and you see when and what gpg-agent sends to the
pinentry. Sensitive data is blackened. If you need more help, please
don't hesitate to ask.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180926/ed944a48/attachment.sig>
More information about the Gnupg-users
mailing list