I'm using git with GnuPG signing. Each time I want to sign a commit I have to provide my GnuPG key password.
Is it possible to make git take advantage of some system-wide keyring, like gnome-keyring? I can't seem to find any documentation on that, or even any thread on this on the web. Perhaps there is some solution I'm not aware of, that is not popular enough to be easy to google.

There are probably some GUI tools that can do that for me, but I'm not interested in those, I mostly use git from console, sometimes from IntelliJ-based IDEs, which just invoke the system git binary. Having a system-side solution will allow me to use git config --global commit.gpgsign true with these IDEs (and cli).
Copied from https://superuser.com/questions/624343/keep-gnupg-credentials-cached-for-entire-user-session
Up to GnuPG 2
The user configuration (in ~/.gnupg/gpg-agent.conf) can only define the default and maximum caching duration; it can't be disabled. The default-cache-ttl option sets the timeout (in seconds) after the last GnuPG activity (so it resets if you use it), the maximum-cache-ttl option sets the timespan (in seconds) it caches after entering your password. The default value is 7200 (2 hours) for both.

Set it to a year or so – say, 34560000 seconds (400 days) – and you should be fine:

default-cache-ttl 34560000
maximum-cache-ttl 34560000

But for this change to take effect, you need to end the session by restarting gpg-agent.
If you want to limit to your session length, you'd need to kill the daemon at logout. This is very different between operating systems, so I'm referring to another question/answer containing hints for different systems.
You could also restart the gpg-agent during login, but this does not limit caching time to the session length, but logins of a user. Decide yourself if this is a problem in your case.

GnuPG 2.1 and above
In GnuPG 2.1 and above, the maximum-cache-ttl option was renamed to max-cache-ttl without further changes.
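
The procedure from the answer above (set both TTL options, then restart gpg-agent) as a shell script that can be re-run without leaving duplicate lines; this is an added example, not part of the original answer. The function names, the --apply switch and the TTL argument are assumptions made for illustration; it writes max-cache-ttl, the GnuPG 2.1+ name given above.

```shell
#!/bin/sh
# Added example: set gpg-agent cache TTLs idempotently, then restart the agent.

# set_agent_opt FILE OPTION SECONDS
# Replace any active "OPTION ..." line in FILE with "OPTION SECONDS",
# or append it if absent. Commented-out lines are left alone.
set_agent_opt() {
    conf=$1; opt=$2; ttl=$3
    case $ttl in
        ''|*[!0-9]*) echo "TTL must be a whole number of seconds" >&2; return 1 ;;
    esac
    # GnuPG expects its home directory to be private to the user.
    mkdir -p -m 700 "$(dirname "$conf")" || return 1
    [ -f "$conf" ] || : > "$conf" || return 1
    # Build the new file next to the old one and swap it in with mv.
    tmp=$(mktemp "$conf.XXXXXX") || return 1
    # Keep every line whose first word is not OPTION, then add the new value.
    awk -v opt="$opt" '$1 != opt' "$conf" > "$tmp" &&
        printf '%s %s\n' "$opt" "$ttl" >> "$tmp" &&
        chmod 600 "$tmp" && mv "$tmp" "$conf" && return 0
    rm -f "$tmp"; return 1
}

# The agent reads gpg-agent.conf at startup, so stop it; it is started
# again on demand. Assumes gpgconf from GnuPG 2.1 or later is on PATH.
restart_agent() {
    command -v gpgconf >/dev/null 2>&1 && gpgconf --kill gpg-agent
}

# Touch the real configuration only when asked to:
#   sh set-agent-ttl.sh --apply SECONDS
if [ "${1:-}" = "--apply" ]; then
    agent_conf="${GNUPGHOME:-$HOME/.gnupg}/gpg-agent.conf"
    set_agent_opt "$agent_conf" default-cache-ttl "$2" &&
        set_agent_opt "$agent_conf" max-cache-ttl "$2" &&
        restart_agent
fi
```

The cached passphrase lives in the agent's memory for as long as the TTL allows, so the value passed here decides how long an unlocked session can sign commits without a prompt.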