From 0962935841583518b7210f8e38befd856f59c85d Mon Sep 17 00:00:00 2001
From: Xiao Pan <xyz@flylightning.xyz>
Date: Thu, 13 Nov 2025 06:14:53 +0800
Subject: fix gpg agent not working when ssh to pp

---
 home/xyz/.profile | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

(limited to 'home/xyz')

diff --git a/home/xyz/.profile b/home/xyz/.profile
index a25d475d..f926c827 100644
--- a/home/xyz/.profile
+++ b/home/xyz/.profile
@@ -89,6 +89,25 @@ export SCR_HEIGHT=720
 #export GDK_SCALE=2
 #export GDK_DPI_SCALE=0.5
 
+# Edited from upd comment: `duplicity --use-agent` not working when ssh to pp
+# and insp, works on insp, not sure why. The gpg error logs are "gpg: public
+# key decryption failed: Inappropriate ioctl for device" and "gpg: decryption
+# failed: Inappropriate ioctl for device". It seems related to I did not put
+# `export GPG_TTY=$(tty)` in pp xyz user's .profile, putting that in .profile
+# is suggested in `man gpg-agent`. After putting that, test with `echo | gpg -s
+# >/dev/null` works. but `echo | sudo gpg -s > /dev/null` does not work even if
+# I put `export GPG_TTY=$(tty)` in root user's .profile file. `sudo -i` then
+# `echo | gpg -s >/dev/null` works for root if put `export GPG_TTY=$(tty)` in
+# root .profile. With sudo, it needs `sudo --preserve-env=GPG_TTY`, test with
+# `echo | sudo --preserve-env=GPG_TTY gpg -s >/dev/null` works even if I do not
+# put `export GPG_TTY=$(tty)` in root .profile. using `sudo
+# --preserve-env=GPG_TTY` with `duplicity --use-agent` for pp also works.
+# However, using `sudo --preserve-env=GPG_TTY` may be not secure because I
+# noticed that root user's `tty` output is different, but my root user and xyz
+# user's gpg keys are the same, so whatever for now. There maybe a better way
+# instead.
+export GPG_TTY=$(tty)
+
 playerctld daemon
 
 # must source .bashrc after export _ZO_ECHO=1 and INPUTRC=..., else these two env will has no effect, don't know why
-- 
cgit v1.2.3-70-g09d2