Next: , Previous: Help for developers, Up: Top

Appendix A GnuPG and EasyPG Assistant Configuration

If the auth-sources variable contains ~/.authinfo.gpg before ~/.authinfo, the auth-source library will try to read the GnuPG encrypted .gpg file first, before the unencrypted file.

In Emacs 23 or later there is an option auto-encryption-mode to automatically decrypt *.gpg files. It is enabled by default. If you are using earlier versions of Emacs, you will need:

     (require 'epa-file)
     (epa-file-enable)

If you want your GnuPG passwords to be cached, set up gpg-agent or EasyPG Assistant (see Caching Passphrases).

To quick start, here are some questions:

  1. Do you use GnuPG version 2 instead of GnuPG version 1?
  2. Do you use symmetric encryption rather than public key encryption?
  3. Do you want to use gpg-agent?

Here are configurations depending on your answers:

1 2 3 Configuration
Yes Yes Yes Set up gpg-agent.
Yes Yes No You can't, without gpg-agent.
Yes No Yes Set up gpg-agent.
Yes No No You can't, without gpg-agent.
No Yes Yes Set up elisp passphrase cache.
No Yes No Set up elisp passphrase cache.
No No Yes Set up gpg-agent.
No No No You can't, without gpg-agent.

To set up gpg-agent, follow the instruction in GnuPG manual (see Invoking GPG-AGENT).

To set up elisp passphrase cache, set epa-file-cache-passphrase-for-symmetric-encryption.