gpgconf

List all components

$ gpgconf --list-components

$ gpgconf [[-L|--list-dirs]]

$ gpgconf --list-options [component]

$ gpgconf --check-programs

$ gpgconf --reload [component]

gpgconf [options] [component [variable [value]]]
gpgconf --list-options [component]
gpgconf --show-options [component]
gpgconf --change-options [component]
gpgconf --reload [component]

component
    Specifies the GnuPG component (e.g., gpg, gpg-agent, gpgsm, scdaemon) to configure.

variable
    The specific configuration variable to operate on.

value
    The new value to assign to the configuration variable.

--list-options [component]
    Lists all available configuration options for the specified component, or all components if none is given.

--list-components
    Lists all GnuPG components whose configurations can be managed by gpgconf.

--show-options [component]
    Displays the currently effective configuration options and their values for the specified component.

--change-options [component]
    Enters an interactive mode to modify configuration options for a component. Useful for one-time changes.

--reload [component]
    Instructs the specified component (e.g., gpg-agent) to reload its configuration from disk, applying recent changes.

--kill [component]
    Terminates the specified running GnuPG component (e.g., gpg-agent), allowing it to restart with new settings.

--launch [component]
    Ensures the specified component is running; launches it if it's not already active.

--homedir dir
    Specifies an alternative GnuPG home directory instead of the default (~/.gnupg).

-v, --verbose
    Enables more verbose output, providing additional details about operations.

-q, --quiet
    Suppresses informational output, showing only critical errors or requested data.

--version
    Prints the version information of gpgconf and exits.

The gpgconf command is a vital utility within the GNU Privacy Guard (GnuPG) suite, designed for comprehensive management of configuration settings across its various components. These components include, but are not limited to, gpg, gpg-agent, gpgsm, and scdaemon. gpgconf provides a centralized and programmatic interface to view, set, or unset configuration parameters, eliminating the need to manually edit potentially scattered and complex configuration files. It's an indispensable tool for customizing GnuPG's behavior, especially in scripting and automated environments where precise control over GnuPG's operational aspects is required. It can list all available options for each component, display their current values, and apply modifications, ensuring that changes are applied to the correct part of the GnuPG system and interacting seamlessly with the user's GnuPG home directory.

Careless modification of GnuPG configurations using gpgconf can lead to unexpected behavior or break GnuPG functionality. Some changes, especially those affecting daemons like gpg-agent, might require a --reload or --kill/--launch sequence to take effect. Users should always exercise caution and understand the impact of configuration changes. Additionally, gpgconf operates within the context of the GnuPG home directory, and proper file system permissions are essential for its correct operation.

While gpgconf provides a command-line interface, it primarily interacts with and modifies plain-text configuration files located within the GnuPG home directory (typically ~/.gnupg/). Examples include gpg.conf, gpg-agent.conf, and dirmngr.conf. Direct editing of these files is possible but gpgconf offers validation and a structured approach, reducing the risk of errors.

One of gpgconf's key strengths is its suitability for scripting. Its ability to programmatically query and set options makes it invaluable for automated deployments, managing GnuPG instances on servers, or dynamically adjusting settings based on operational needs without requiring manual intervention.

gpgconf emerged as a necessary tool within the GnuPG ecosystem as the suite evolved into a more modular and complex system. Introduced to manage the configurations of individual components like gpg-agent and scdaemon, it provided a standardized and programmatic way to interact with settings that were previously managed through disparate configuration files. Its development reflects GnuPG's growth from a single cryptographic tool into a comprehensive framework for secure communication and data handling, requiring robust configuration management capabilities.

gpg(1), gpg-agent(1), gpgsm(1), scdaemon(1), dirmngr(8), pinentry(1), gnupg(7)