Switch back to ssh-agent from gpg-agent with setting $SSH_ASKPASS which internally uses gpg

README.md

@@ -155,7 +155,6 @@ Check [traps](./windows/Multi-booting.md)
    ```bash
    touch ~/.ssh/id_ed25519 && chmod 400 ~/.ssh/id_ed25519
    hx ~/.ssh/id_ed25519
-   gpg-connect-agent updatestartuptty /bye
    ssh-add ~/.ssh/id_ed25519
    ```
 

home-manager/gpg.nix

@@ -38,7 +38,7 @@ in
 
     pinentryPackage = pkgs.pinentry-tty;
 
-    enableSshSupport = true;
+    enableSshSupport = false;
   };
 
   # https://github.com/nix-community/home-manager/blob/release-24.05/modules/programs/gpg.nix

home-manager/ssh.nix

@@ -1,4 +1,4 @@
-{ config, ... }:
+{ pkgs, config, ... }:
 
 let
   # SSH files cannot use XDG Base Directory.
@@ -16,8 +16,20 @@ in
 # - id_*.pub: I CAN register them for different services.
 {
   # https://github.com/nix-community/home-manager/blob/release-24.05/modules/services/ssh-agent.nix
-  # Prefer gpg-agent for SSH agent role
-  services.ssh-agent.enable = false;
+  services.ssh-agent.enable = pkgs.stdenv.isLinux;
+
+  home.sessionVariables = {
+    # 'force' ignores $DISPLAY. 'prefer' is not enough
+    SSH_ASKPASS_REQUIRE = "force";
+    SSH_ASKPASS = pkgs.lib.getExe (
+      pkgs.writeShellApplication {
+        name = "ssh-ask-pass";
+        text = "pass show ssh-pass";
+        meta.description = "GH-714. Required to be wrapped with one command because of SSH_ASKPASS does not accept arguments.";
+        runtimeInputs = with pkgs; [ pass ];
+      }
+    );
+  };
 
   # https://github.com/nix-community/home-manager/blob/release-24.05/modules/programs/ssh.nix
   programs.ssh = {

nixos/configuration.nix

@@ -140,10 +140,6 @@
   # Some programs need SUID wrappers, can be configured further or are
   # started in user sessions.
   # programs.mtr.enable = true;
-  # programs.gnupg.agent = {
-  #   enable = true;
-  #   enableSSHSupport = true;
-  # };
 
   # List services that you want to enable:
 

nixos/desktop/default.nix

@@ -85,7 +85,7 @@
       gnome-music # does not support flac by defaults
     ]);
 
-  # Recommended to be uninstalled by gnupg.
+  # Recommended to be uninstalled by gnupg. I prefer this way, even though disabling gpg-agent ssh integrations.
   # https://wiki.gnupg.org/GnomeKeyring
   #
   # And enabling this makes $SSH_AUTH_SOCK overriding even through enabled gpg-agent in home-manager