GnuPG
From ArchWiki
GnuPG can be used to sign and encrypt files or mails.
gpg-agent
The gpg-agent is mostly used as daemon to request and cache the password for the keychain. This is useful if GnuPG is used from an external program like kmail. It can be activated by adding following line in ~/.gnupg/gpg.conf:
use-agent
This tells GnuPG to use the agent whenever it needs the password. However, the agent needs to run already. The best way is to start the agent at login. Since kdm doesn't parse ~/.xsession or ~/xinitrc the following gpg-agent-startub can be added to /etc/kde/env/:
eval "$(gpg-agent --daemon)"
This solution doesn't check, if the agent is already running!
This one only starts one agent and will reuse it:
envfile="${HOME}/.gpginfo" if test -f ${envfile} && kill -0 $(cut -d: -f 2 ${envfile} | head -n 1) 2>/dev/null; then eval $(cat ${envfile}) else eval `/usr/bin/gpg-agent --daemon --enable-ssh-support --write-env-file ${envfile}` fi export GPG_AGENT_INFO export SSH_AUTH_SOCK export SSH_AGENT_PID
Finally, the agent needs to know, how to ask the user for the password. This can be set in ~/.gnupg/gpg-agent.conf:
pinentry-program /usr/bin/pinentry-gtk-2 no-grab default-cache-ttl 1800