
Using gpg-agent Effectively - eklitzke
https://eklitzke.org/using-gpg-agent-effectively
======
phyzome
I just started using gpg-agent recently [1] when I had to figure out how to
store secrets in Ansible's Vault without entering the vault passphrase every
time. Here's the guide I used:

[https://blog.erincall.com/p/using-pgp-to-encrypt-the-
ansible...](https://blog.erincall.com/p/using-pgp-to-encrypt-the-ansible-
vault)

It works really well! I open a terminal, use ssh-agent to get access to the
master SSH key, and do my Ansible stuff, which then uses gpg-agent to access
the Vault. I basically end up with a terminal session with elevated
privileges.

[1] other than Emacs's built-in support for working with encrypted files, I
guess

------
jfkw
This is very informative, thanks.

While I haven't investigated the additional benefits of running gpg-agent as a
service as you've shown here, I did want to mention Keychain [0] which has
been great for managing ssh-agent and gpg-agent for console use.

[0] [https://www.funtoo.org/Keychain](https://www.funtoo.org/Keychain)

