Gpg: Add passphrase to gpg-agent

From FVue
Jump to: navigation, search

Problem

I want to add a passphrase to gpg-agent. I would've expected to have a command gpg-add - just like ssh-add, but there isn't...

Solution

Contrary to ssh, the gpg passphrase is not supposed to be stored for a long time. Gpg will automatically store the passphrase in gpg-agent the first time the passphrase is entered. Just make sure you have the line:

use-agent

somewhere in your ~/.gnupg/gpg.conf. Most of the time this gpg behaviour will suffice. If not, there is this program:

/usr/lib/gnupg2/gpg-preset-passphrase

Gpg-agent needs to be started with --allow-preset-passphrase in order for this passphrase presetting to work. Now you can do

/usr/lib/gnupg2/gpg-preset-passphrase --preset keygrip

Keygrip is a 40 character string of hexadecimal characters identifying the key for which the passphrase should be set or cleared. This keygrip is listed along with the key when running the command: gpgsm --dump-secret-keys

See also

$ info gpg-preset-passphrase

Comments

blog comments powered by Disqus