Using gpg-agent over ssh

Solution 1:

When you login with ssh user@serverB then manually execute the script it will prompt you for the passphrase the first time, then when you execute the script shh-agent will provide the stored passphrase.

However when you run ssh user@serverB "sudo -E /path/to/script.sh you are doing a new login each time, and I don't think ssh-agent would support saving the passphrase over separate SSH logins.

Keychain appears to do what you require: http://www.funtoo.org/Keychain

With keychain, you only need to enter a passphrase once every time your local machine is rebooted. Keychain also makes it easy for remote cron jobs to securely "hook in" to a long running ssh-agent process, allowing your scripts to take advantage of key-based logins.

The current version of keychain supports gpg-agent as well as ssh-agent.