Last active
February 14, 2025 02:43
-
-
Save mrgrain/9c3519952d9af811bd7bf50bfcfaa16f to your computer and use it in GitHub Desktop.
1Password CLI pinentry for gpg-agent
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| COMMAND="op read $OP_PIN_ITEM" | |
| echo "OK" | |
| while read cmd rest; do | |
| echo "cmd=$cmd rest=$rest" >&2 | |
| echo "cmd=$cmd rest=$rest" >> $LOG | |
| case "$cmd" in | |
| \#*) | |
| echo "OK" | |
| ;; | |
| GETPIN) | |
| PASSPHRASE=${PASSPHRASE-`$COMMAND`} | |
| echo "D ${PASSPHRASE}" | |
| echo "OK" | |
| ;; | |
| BYE) | |
| echo "OK" | |
| exit 0 | |
| ;; | |
| *) | |
| echo "OK" | |
| ;; | |
| esac | |
| done |
slightly adjusted fish version:
❯ cat pinentry-1password.fish
#!/usr/bin/env fish
echo "OK"
set key "GPG-898DFASD78345D"
set passphrase ""
set vault "Private"
while read cmd val
#echo "cmd=$cmd val=$val" >> /tmp/logs
switch $cmd
case SETDESC
set passphrase (op read op://$vault/$key/password)
case GETPIN
echo "D $passphrase"
case SETERROR
echo "ERR 31 Invalid passphrase"
case BYE
exit 0
end
echo "OK"
end
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Usage
pinentry-1password.shto/usr/bin/pinentry-1password.shor a location of your choicechmod +x /pinentry-1password.sh~/.gnupg/gpg-agent.conf(change the path to the location of the script):.profile,.bashrc,.zshrcetc. setOP_PIN_ITEMto the secret reference for your key's passphrase:WSL
You'll need to install and configure 1Password CLI for Windows. Then, in your WSL shell use
op.exeinstead. Adjust line 3 of the pinentry script accordingly:COMMAND="op.exe read $OP_PIN_ITEM"