An important component of the GnuPG suite is the Pinentry, which
allows for secure entry of passphrases requested by GnuPG. GnuPG
delivers various different programs as Pinentry, ranging from bland
pinentry-tty to fancy graphical dialogs for various
desktop environments, like
pinentry-gnome3. Your operating
system usually determines which of these is used by default.
Note that the selection of a concrete Pinentry program determines only how GnuPG queries for passphrases and not how often. For the latter question see Caching Passphrases.
With some configuration Emacs can also play the role of a Pinentry. The most natural choice, available with GnuPG 2.1.5 and later, is to use Emacs itself as Pinentry for requests that are triggered by Emacs. For example, if you open a file whose name ends with .gpg using automatic decryption, you most likely also want to enter the passphrase for that request in Emacs.
This so called loopback Pinentry has the added benefit that it works also when you use Emacs remotely or from a text-only terminal. To enable it:
allow-loopback-pinentry is configured for
gpg-agent, which should be the default. See Option Summary in Using the GNU Privacy Guard.
There are other options available to use Emacs as Pinentry, you might
come across a Pinentry called
these are considered insecure or semi-obsolete and might not be
supported by your operating system or distribution. For example,
Debian GNU/Linux supports only the loopback Pinentry described above.