diff --git a/shell.nix b/shell.nix
index 5c1fc73..5ea56cd 100644
--- a/shell.nix
+++ b/shell.nix
@@ -11,6 +11,8 @@ pkgs.mkShell {
   shellHook = ''
     mkdir -p $HOME/.gnupg
     echo "pinentry-program = ${pkgs.pinentry-curses}/bin/pinentry-curses" > $HOME/.gnupg/gpg-agent.conf
+    chmod 700 /root/.gnupg
+    chmod 600 /root/.gnupg/gpg-agent.conf
 
     # Set the SSH agent socket for gpg-agent
     export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
@@ -20,11 +22,12 @@ pkgs.mkShell {
 
     # Import public key
     export KEY_URL="$(gpg --card-status | grep URL | cut -d' ' -f6)"
-    echo $KEY_URL
-
     curl $KEY_URL | gpg --import
     gpg --card-status
 
+    gpgconf --kill gpg-agent
+    gpg-agent --daemon
+
     touch dummy
     gpg -r hans --encrypt dummy
     gpg --decrypt dummy.gpg