Next: PGP Compatibility, Previous: Using OpenPGP, Up: Security [Contents][Index]
Message with EasyPG internally calls GnuPG (the
gpg or gpgsm command) to perform data
encryption, and in certain cases (decrypting or signing for
example), gpg/gpgsm requires
user’s passphrase. Currently the recommended way to supply
your passphrase is to use the gpg-agent program.
In particular, the gpg-agent program supports
passphrase caching so that you do not need to enter your
passphrase for every decryption/sign operation. See
Agent Options in Using the GNU Privacy
Guard.
How to use gpg-agent in Emacs depends on your
version of GnuPG. With GnuPG version 2.1, gpg-agent
is started automatically if necessary. With older versions you
may need to run the following command from the shell before
starting Emacs.
eval `gpg-agent --daemon`
This will invoke gpg-agent and set the
environment variable GPG_AGENT_INFO to allow
gpg to communicate with it. It might be good idea to
put this command in your .xsession or
.bash_profile. See
Invoking GPG-AGENT in Using the GNU Privacy
Guard.
Once your gpg-agent is set up, it will ask you
for a passphrase as needed for gpg. Under the X
Window System, you will see a new passphrase input dialog appear.
The dialog is provided by PIN Entry (the pinentry
command), reasonably recent versions of which can also cooperate
with Emacs on a text console. If that does not work, you may need
to put a passphrase into gpg-agent’s cache beforehand. The
following command does the trick.
gpg --use-agent --sign < /dev/null > /dev/null