If you are using gpg-agent all passwords (including the master password) are stored/saved in ~/.password-store.
From the "pass" website:
There will be a nice password input dialog using the standard gpg-agent (which can be configured to stay authenticated for several minutes), since all passwords are encrypted.
gpg-agent manual page:
--default-cache-ttl n
    Set the time a cache entry is valid to n seconds. The default is 600 seconds.
--default-cache-ttl-ssh n
    Set the time a cache entry used for SSH keys is valid to n seconds. The default is 1800 seconds.
--max-cache-ttl n
    Set the maximum time a cache entry is valid to n seconds. After this time a cache entry will be expired even if it has been accessed recently. The default is 2 hours (7200 seconds).
--max-cache-ttl-ssh n
    Set the maximum time a cache entry used for SSH keys is valid to n seconds. After this time a cache entry will be expired even if it has been accessed recently. The default is 2 hours (7200 seconds).
and ...
gpg-agent.conf
    This is the standard configuration file read by gpg-agent on startup. It may contain any valid long option; the leading two dashes may not be entered and the option may not be abbreviated. This file is also read after a SIGHUP however only a few options will actually have an effect. This default name may be changed on the command line (see: [option --options]). You should backup this file.
This will only be read if you actually use gpg-agent. If it is "seahorse" (the default in Ubuntu), gpg-agent is ignored.
So you can put any of the 4 parameters in the configuration file with a time in seconds to keep password valid (that includes the master password since that is also stored in ). To release the passwords you can use echo RELOADAGENT | gpg-connect-agent (see the manual for more options).
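The following is an added example, not part of the answer above or of the gpg-agent project: a shell sketch that reads a gpg-agent.conf and reports how long a cached passphrase can survive, using the four options and the defaults quoted from the manual page. The function names and the sample configuration are constructed for illustration, and it assumes that a repeated option takes its last value.

```shell
#!/bin/sh
# Added example: how long can gpg-agent keep a passphrase cached?
# Defaults below are the ones in the manual page excerpt above.
default_for() {
    case "$1" in
        default-cache-ttl)     echo 600 ;;
        default-cache-ttl-ssh) echo 1800 ;;
        max-cache-ttl)         echo 7200 ;;
        max-cache-ttl-ssh)     echo 7200 ;;
        *) return 1 ;;
    esac
}

# configured_ttl FILE OPTION: value set in FILE, else the default.
# Assumption: if an option is repeated, the last occurrence is used.
configured_ttl() {
    val=$(awk -v opt="$2" '
        /^[ \t]*#/ { next }                      # comment line
        $1 == opt && $2 ~ /^[0-9]+$/ { v = $2 }  # "option seconds"
        END { if (v != "") print v }' "$1" 2>/dev/null) || val=""
    if [ -n "$val" ]; then echo "$val"; else default_for "$2"; fi
}

# idle_ttl FILE SUFFIX: seconds an unused entry survives. The max TTL
# expires entries regardless of use, so it caps the default TTL.
idle_ttl() {
    d=$(configured_ttl "$1" "default-cache-ttl$2")
    m=$(configured_ttl "$1" "max-cache-ttl$2")
    if [ "$d" -gt "$m" ]; then echo "$m"; else echo "$d"; fi
}

# cache_report FILE: one line for the GPG cache, one for the SSH cache.
cache_report() {
    for s in "" "-ssh"; do
        echo "cache$s: idle=$(idle_ttl "$1" "$s")s" \
             "limit=$(configured_ttl "$1" "max-cache-ttl$s")s"
    done
}

# Constructed sample configuration (not taken from the page).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# one minute of inactivity, five minutes at most
default-cache-ttl 60
max-cache-ttl 300
default-cache-ttl-ssh 9000
EOF
cache_report "$sample"
```

Point `cache_report` at `~/.gnupg/gpg-agent.conf` to review the values in use on a real system.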
I had a similar problem and solved it by installing pinentry-gnome3 (I'm using Gnome Shell, not Unity):
sudo apt-get install pinentry-gnome3
Best Answer
Let me begin by saying I had the exact same issue...
Your GPG secrets are probably being handled by the Gnome Keyring, even if gpg-agent is running. This answer provides some details on the available options for it.
Another way is to disable the GPG component of the Gnome Keyring, so that gpg-agent is used:
*.desktop) the file /etc/xdg/autostart/gnome-keyring-gpg.desktop.
gpg-agent to autostart. At least for me, running Ubuntu 13.04, that's true. However, if you need to, refer to this post for some information on how to configure it.
gpg-agent should be running, and it does respond both to settings in ~/.gnupg/gpg-agent.conf and to SIGHUP signals.
ssh-agent or gpg-agent
gpg-agent autostart already includes SSH support (the default one in Ubuntu 13.04 does)