Install dependencies.
brew install pinentry pinentry-mac
Copy config files to:
mkdir -p ~/.gnupg
cp gpg.conf ~/.gnupg
cp gpg-agent.conf ~/.gnupg
# Enables GPG to find gpg-agent | |
use-standard-socket | |
# Connects gpg-agent to the OSX keychain via the brew-installed | |
# pinentry program from GPGtools. This is the OSX 'magic sauce', | |
# allowing the gpg key's passphrase to be stored in the login | |
# keychain, enabling automatic key signing. | |
pinentry-program /usr/local/bin/pinentry-mac |
# Uncomment within config (or add this line) | |
use-agent | |
# This silences the "you need a passphrase" message once the passphrase handling is all set. | |
# Use at your own discretion - may prevent the successful interactive use of some operations. | |
# It is working fine for my use cases though. | |
batch | |
# Ensures the cross certification "back signature" on the subkey is present and | |
# valid. This protects against a subtle attack against subkeys that can sign. | |
require-cross-certification |