The 2.X branch of GnuPG comes with gpg-agent for caching passphrases. The documentation is good, but here are my notes outlining my usual usage.
Add
if [ -f "${HOME}/.gnupg/agent-info" ]; then
    source "${HOME}/.gnupg/agent-info"
fi
Start the agent with
$ GPG_TTY=$(tty)
$ gpg-agent --daemon --write-env-file "${HOME}/.gnupg/agent-info"
$ echo "GPG_TTY='${GPG_TTY}'; export GPG_TTY" >> "${HOME}/.gnupg/agent-info"
$ source "${HOME}/.gnupg/agent-info"
The GPG_TTY bit will spawn the pinentry call in the designated TTY. This avoids troublesome issues like pinentry clobbering Mutt if they are both using ncurses.
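Because `source` runs whatever is in agent-info as shell code, a stricter loader can check the file's ownership and mode and accept only the variable lines that the commands above write. This is an added example, not part of the original notes or of GnuPG; the function name `load_agent_info`, the decision to also accept `SSH_AUTH_SOCK` and `SSH_AGENT_PID`, and the allowed value characters are assumptions.

```shell
# Added example: hypothetical helper, not from GnuPG or the original notes.
# Loads agent-info by parsing it instead of executing it with `source`.
# Usage in a startup file: load_agent_info "${HOME}/.gnupg/agent-info"
# Note: POSIX sh has no `local`, so f/line/name/val/pass are plain globals.
load_agent_info() {
    f=$1
    # Refuse missing files, symlinks, and files owned by another user.
    [ -f "$f" ] && [ ! -L "$f" ] && [ -O "$f" ] || return 1
    # Refuse files that group or other can write to.
    [ -z "$(find "$f" -prune \( -perm -020 -o -perm -002 \) -print)" ] || return 1

    # Pass 1 validates every line, pass 2 exports. A bad line anywhere
    # returns 2 before any variable has been set.
    for pass in check apply; do
        while IFS= read -r line || [ -n "$line" ]; do
            case $line in
                '') continue ;;
                # The line appended by the echo command above.
                "GPG_TTY='"*"'; export GPG_TTY")
                    name=GPG_TTY
                    val=${line#"GPG_TTY='"}
                    val=${val%"'; export GPG_TTY"} ;;
                # Plain NAME=value lines (assumed allow-list of names).
                GPG_AGENT_INFO=*|SSH_AUTH_SOCK=*|SSH_AGENT_PID=*)
                    name=${line%%=*}
                    val=${line#*=} ;;
                *) return 2 ;;
            esac
            # Values are socket paths, PIDs and TTY names, so reject
            # anything containing quotes, spaces or shell metacharacters.
            case $val in
                ''|*[!A-Za-z0-9_./:-]*) return 2 ;;
            esac
            if [ "$pass" = apply ]; then
                export "$name=$val"
            fi
        done < "$f"
    done
    return 0
}
```

The function returns 1 when the file fails the ownership or permission checks and 2 when any line falls outside the expected format.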
I didn't like any of the pinentry programs available on my system, so I wrote my own: pinentry.py. To use my script, save it somewhere on your system and add a line like the following to your ~/.gnupg/gpg-agent.conf.
pinentry-program /path/to/pinentry.py
When you are done with the agent, kill it with
$ killall gpg-agent
$ rm -f "${HOME}/.gnupg/agent-info"