auth: GnuPG and EasyPG Assistant Configuration
Appendix A GnuPG and EasyPG Assistant Configuration
***************************************************
If the ‘auth-sources’ variable contains ‘~/.authinfo.gpg’ before
‘~/.authinfo’, the auth-source library will try to read the GnuPG
encrypted ‘.gpg’ file first, before the unencrypted file.
In Emacs 23 or later there is an option ‘auto-encryption-mode’ to
automatically decrypt ‘*.gpg’ files. It is enabled by default. If you
are using earlier versions of Emacs, you will need:
(require 'epa-file)
(epa-file-enable)
If you want your GnuPG passwords to be cached, set up ‘gpg-agent’ or
EasyPG Assistant (Caching Passphrases (epa)Caching Passphrases.).
To quick start, here are some questions:
1. Do you use GnuPG version 2 instead of GnuPG version 1?
2. Do you use symmetric encryption rather than public key encryption?
3. Do you want to use gpg-agent?
Here are configurations depending on your answers:
1 2 3 Configuration
Yes Yes Yes Set up gpg-agent.
Yes Yes No You can’t, without gpg-agent.
Yes No Yes Set up gpg-agent.
Yes No No You can’t, without gpg-agent.
No Yes Yes Set up elisp passphrase cache.
No Yes No Set up elisp passphrase cache.
No No Yes Set up gpg-agent.
No No No You can’t, without gpg-agent.
To set up gpg-agent, follow the instruction in GnuPG manual (
Invoking GPG-AGENT (gnupg)Invoking GPG-AGENT.).
To set up elisp passphrase cache, set
‘epa-file-cache-passphrase-for-symmetric-encryption’.