I just started using gpg-agent recently [1] when I had to figure out how to store secrets in Ansible's Vault without entering the vault passphrase every time. Here's the guide I used:<p><a href="https://blog.erincall.com/p/using-pgp-to-encrypt-the-ansible-vault" rel="nofollow">https://blog.erincall.com/p/using-pgp-to-encrypt-the-ansible...</a><p>It works really well! I open a terminal, use ssh-agent to get access to the master SSH key, and do my Ansible stuff, which then uses gpg-agent to access the Vault. I basically end up with a terminal session with elevated privileges.<p>[1] other than Emacs's built-in support for working with encrypted files, I guess
This is very informative, thanks.<p>While I haven't investigated the additional benefits of running gpg-agent as a service as you've shown here, I did want to mention Keychain [0] which has been great for managing ssh-agent and gpg-agent for console use.<p>[0] <a href="https://www.funtoo.org/Keychain" rel="nofollow">https://www.funtoo.org/Keychain</a>