Cache GPG passphrase for git signing on Mac

Question

There is already a more generic thread on the topic, Remember GPG password when signing git commits, but the answer there doesn't work for me. My environment is:

I installed GnuPG via Homebrew and wrote the following settings into the ~/.gnupg/gpg-agent.conf file:

default-cache-ttl 1209600 # 14 days
max-cache-ttl 31536000 # 1 year

But the cache isn't applied. Every ten minutes or so after I do a git commit, gpg prompts me to input the password again.

This is my global .gitignore file:

[commit]
    gpgSign = true

What am I missing?

It will only save the passphrase as long as `gpg-agent` is running. If you don't want to type it in after the agent has been stopped, don't use a passphrase. — dan1st, Nov 11 '20 at 15:29
Thanks @dan1st - do you know how can I make `gpg-agent` start along with the Bash session? — Paul Razvan Berg, Nov 11 '20 at 20:33

Marco · Accepted Answer · 2020-11-12T15:16:10.630

4

In my personal setup I have added the signingkey to the user section.

[user]
name = "Marco Franssen"
email = "marco@my-email.com"
signingkey = 63B0C3B53E26....

[commit]
gpgSign = true

Furthermore I have the following plugins in oh-my-zsh. (~/.zshrc)

plugins=(git keychain gpg-agent)

zstyle :omz:plugins:keychain agents ssh,gpg
zstyle :omz:plugins:keychain identities id_rsa 63B0C3B53E2....

This plugin boots an agent for my ssh and gpg keys.

Furthermore I have added the following file

$ cat ~/.gnupg/gpg-agent.conf
default-cache-ttl 3600

For Bash you might add the following to your ~/.bashrc.

edited Nov 12 '20 at 15:16

answered Nov 11 '20 at 16:35

Marco

Thanks for your answer, Marco! I updated the question body to specify what shell I'm using. Do you know what would be the equivalent for `plugins=(git keychain gpg-agent)` in Bash? – Paul Razvan Berg Nov 11 '20 at 20:30
@PaulRazvanBerg I have updated with a link the the script that the plugin adds. You should be able to add that to your ~/.bashrc. – Marco Nov 12 '20 at 15:18

1 Answers1