The 2.X branch of GnuPG comes with gpg-agent for caching passphrases. The documentation is good, but here are my notes outlining my usual usage.
Add the following to your ~/.bashrc (see dotfiles for fancy dotfiles maintenance):
if [ -f "${HOME}/.gnupg/agent-info" ]; then
    source "${HOME}/.gnupg/agent-info"
fi
Start the agent with
$ gpg-agent --daemon --display "${DISPLAY}" --ttyname "$(tty)" --keep-tty --keep-display --write-env-file "${HOME}/.gnupg/agent-info"
$ source "${HOME}/.gnupg/agent-info"
The ttyname bit will spawn the pinentry call in the designated TTY. This avoids troublesome issues like pinentry clobbering Mutt if they are both using ncurses.
I didn't like any of the pinentry programs available on my system, so I wrote my own in pyassuan.
When you are done with the agent, kill it with
$ killall gpg-agent
$ rm -f "${HOME}/.gnupg/agent-info"
Since these commands are tedious to remember and type, I've wrapped them in little scripts: gpg-agent-spawn.sh and gpg-agent-kill.sh.
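The ~/.bashrc snippet above sources agent-info whenever the file exists, which includes the case where the agent has exited and the file was never removed. The following is an added example, not the author's gpg-agent-spawn.sh: a hypothetical load_agent_info function that reads the file as data instead of sourcing it and refuses a stale or malformed entry, assuming the file holds a line of the form GPG_AGENT_INFO=socket:pid:protocol.

```shell
# Added example (not the author's scripts or GnuPG's own code).
# Assumes agent-info holds a line of the form
#   GPG_AGENT_INFO=<socket path>:<pid>:<protocol version>
# load_agent_info FILE returns:
#   0  GPG_AGENT_INFO exported
#   1  FILE is missing, not a regular file, or a symlink
#   2  no well-formed GPG_AGENT_INFO line found
#   3  recorded PID is not a process we can signal (stale file)
load_agent_info() {
    ai_file=$1
    ai_value=

    [ -f "$ai_file" ] && [ ! -L "$ai_file" ] || return 1

    # Read the value as data; unlike `source`, nothing in the file is executed.
    while IFS= read -r ai_line || [ -n "$ai_line" ]; do
        case $ai_line in
            GPG_AGENT_INFO=*) ai_value=${ai_line#GPG_AGENT_INFO=} ;;
        esac
    done < "$ai_file"

    # Split socket:pid:protocol from the right.
    ai_proto=${ai_value##*:}
    ai_rest=${ai_value%:*}
    ai_pid=${ai_rest##*:}
    ai_sock=${ai_rest%:*}

    # Both numeric fields must be digits only; the socket path must be absolute.
    case $ai_pid in ''|*[!0-9]*) return 2 ;; esac
    case $ai_proto in ''|*[!0-9]*) return 2 ;; esac
    case $ai_sock in /*) ;; *) return 2 ;; esac

    # kill -0 delivers no signal; it only reports whether the PID exists
    # and belongs to a user we are allowed to signal.
    kill -0 "$ai_pid" 2>/dev/null || return 3

    GPG_AGENT_INFO=$ai_value
    export GPG_AGENT_INFO
}

# In ~/.bashrc (path taken from the commands above):
#   load_agent_info "${HOME}/.gnupg/agent-info"
```

A PID that has been reused by an unrelated process of the same user still passes the liveness check, so removing agent-info when the agent is killed, as shown above, remains necessary.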