message: Passphrase caching
2.7.4 Passphrase caching
------------------------
Message with EasyPG internally calls GnuPG (the ‘gpg’ or ‘gpgsm’
command) to perform data encryption, and in certain cases (decrypting or
signing for example), ‘gpg’/‘gpgsm’ requires user’s passphrase.
Currently the recommended way to supply your passphrase is to use the
‘gpg-agent’ program.
In particular, the ‘gpg-agent’ program supports passphrase caching so
that you do not need to enter your passphrase for every decryption/sign
operation. (gnupg)Agent Options.
How to use ‘gpg-agent’ in Emacs depends on your version of GnuPG.
With GnuPG version 2.1, ‘gpg-agent’ is started automatically if
necessary. With older versions you may need to run the following
command from the shell before starting Emacs.
eval `gpg-agent --daemon`
This will invoke ‘gpg-agent’ and set the environment variable
‘GPG_AGENT_INFO’ to allow ‘gpg’ to communicate with it. It might be
good idea to put this command in your ‘.xsession’ or ‘.bash_profile’.
(gnupg)Invoking GPG-AGENT.
Once your ‘gpg-agent’ is set up, it will ask you for a passphrase as
needed for ‘gpg’. Under the X Window System, you will see a new
passphrase input dialog appear. The dialog is provided by PIN Entry
(the ‘pinentry’ command), reasonably recent versions of which can also
cooperate with Emacs on a text console. If that does not work, you may
need to put a passphrase into gpg-agent’s cache beforehand. The
following command does the trick.
gpg --use-agent --sign < /dev/null > /dev/null