How to prevent gpg-agent from timing out during passphrase collection?
I'm calling out to gpg2
in a CLI script for symmetrical encryption of a local file. It appears to have gpg-agent
prompt for a passphrase via some CLI, text based UI. As long as I'm around to enter the passphrase everything works fine. If I'm not, however, it eventually fails out with this message:
gpg-agent[15338]: command get_passphrase failed: Operation cancelled
gpg: cancelled by user
gpg: error creating passphrase: Operation cancelled
gpg: symmetric encryption of `XXXX.tar' failed: Operation cancelled
Is there any way to turn off this timeout entirely?
I would want the passphrase prompt to remain on the screen indefinitely until I enter something.
Solution 1:
The solution has been found here: https://dev.gnupg.org/T3240
The delay is caused by the pinentry querying the GNOME keyring. Add no-allow-external-cache
to your gpg-agent.conf, or remove gnome-keyring
, and kill currently running gpg-agent: gpgconf --kill gpg-agent
Solution 2:
In gpg-agent.conf (see gpg-agent(1)), try the following options:
pinentry-timeout 0
pinentry-program /usr/bin/pinentry-curses --timeout 0
(You might find pinentry-tty
somewhat nicer to use though.)