GPG agent for automated processing

Werner Koch
Thu Apr 10 12:15:02 2003

On Wed, 9 Apr 2003 16:09:59 -0700, Joseph Bruni said:

> Here's a dumb question: Where can I find gpg-agent, anyway? I've been
> searching the web-site and FTP server and can't seem to find
> it. I've done google searches and only turned up discussions about it.

You need to get the lates newpg package from
as well as the latest libgcrypt from
and the pinentry package

That should be sufficient to build the gpg-agent, gpgsm won't be build
if you don't have libksba installed.  I am working on a GnuPG 1.9
which will include gpg, gpgsm and gpg-agent in one package.

> Another question: Does gpg-agent cache the pass-phrase, or does it
> cache the (unencrypted) private key the way ssh-agent does? Not that
> it would make any operational difference -- I'm just curious.

When used with current gpg versions, gpg-agent does only cache the
passphrase.  The plan is to modify gpg to divert all secret key
operations to the gpg-agent.  This has already been done for gpgsm
(the S/MIME cousin of gpg).

Whether the use of gpg-agent to cache the passphrase on an unattended
system is questionable.  The only advantage I can see is that the
passphrase is stored in ram and not in the file system; a ram disk
might be configured for the same effect.  BTW, the design of gpg-agent
would allow to enhance it to run on another machine.



  Nonviolence is the greatest force at the disposal of
  mankind. It is mightier than the mightiest weapon of
  destruction devised by the ingenuity of man. -Gandhi