How to enter gnupg-agent key passphrase from CLI?
I do sign commits with git, and it's a big problem that I can't enter the gpg key passphrase from anywhere except the CLI. If I do a commit in vscode, for example, it will fail. So I've come up with the idea to simply input the passphrase from the CLI and cache it for some period of time.

I'm using fish shell here, so here's the config:

set -x GPG_TTY (tty)
eval (gpg-agent --daemon --allow-preset-passphrase  --default-cache-ttl 43200)

As I understand, I need to enable presetting the passphrase for the agent. So now what's next?

I've tried to preset a key like this, but it fails:

$ echo mypassphrase | /usr/lib/gnupg2/gpg-preset-passphrase -c E2AB66331DA5CA780B7B1FA5D4BF11DA1E39EDFF

gpg-preset-passphrase: caching passphrase failed: Not supported

I've googled everything I could, but no one is answering this question anywhere. It would be nice to have something like ssh-add, where you just add a private key and enter the password. I wonder why gpg-agent hasn't adopted this nice design.

Centonze answered 26/3, 2018 at 12:38 Comment(0)
0

For future reference, in my Ubuntu distro I had pinentry installed (inside /usr/bin/) so I could use it as such

In ~/.gnupg/gpg-agent.conf:

pinentry-program /usr/bin/pinentry

An alternative is pinentry-tty, which you can install with brew or apt:

pinentry-program /home/linuxbrew/.linuxbrew/bin/pinentry-tty

Both ask for the password in the terminal, but pinentry has a TUI that looks like a modal on a web page, whereas pinentry-tty asks for it directly as the output of the command, exactly as using sudo does.

Last but not least, reload the gpg-agent with

gpg-connect-agent reloadagent /bye

Edit: After rebooting this method no longer worked. To fix it, I had to add export GPG_TTY=$(tty) to my .profile (I imagine .bashrc, .zshrc or any other similar file will also work).

Circumrotate answered 22/5 at 20:22 Comment(0)
9

Seems to be solved. There's a need to add a couple of things to ~/.gnupg/gpg-agent.conf:

default-cache-ttl 46000
pinentry-program /usr/bin/pinentry-gtk-2
allow-preset-passphrase

Reload gpg-agent:

gpg-connect-agent reloadagent /bye
Centonze answered 26/3, 2018 at 12:54 Comment(1)
Did you have to manually create the conf file? I don't actually see such a file after starting gpg-agent. – Baziotes
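
How the preset flow discussed above fits together once allow-preset-passphrase is in gpg-agent.conf, as an added example that is not part of any post on this page: gpg-preset-passphrase takes the key's 40-character keygrip as its cache id, so the script looks the keygrip up in gpg's colon listing and reads the passphrase from the terminal without echo rather than passing it to echo. The sample listing is constructed, and PRESET_BIN is a hypothetical override for the helper's path, which varies by distribution.

```shell
#!/bin/sh
# Added example. The fingerprints and keygrips below are constructed, not real.
SAMPLE_PRIMARY_FPR=0123456789ABCDEF0123456789ABCDEF01234567
SAMPLE_SUBKEY_FPR=89ABCDEF0123456789ABCDEF0123456789ABCDEF
# Constructed, trimmed excerpt of:
#   gpg --with-colons --with-keygrip --list-secret-keys
SAMPLE_LISTING="sec:u:4096:1:89ABCDEF01234567:1500000000:::u:::scESC:
fpr:::::::::${SAMPLE_PRIMARY_FPR}:
grp:::::::::AAAA0000AAAA0000AAAA0000AAAA0000AAAA0000:
uid:u::::1500000000::::Example User <user@example.org>:
ssb:u:4096:1:0123456789ABCDEF:1500000000::::::s:
fpr:::::::::${SAMPLE_SUBKEY_FPR}:
grp:::::::::BBBB0000BBBB0000BBBB0000BBBB0000BBBB0000:"

# keygrip_for_fpr FPR < colon-listing
# Prints the keygrip of the (sub)key with fingerprint FPR; exit 1 if absent.
# In the colon format a "grp" record follows the "fpr" record of its key,
# and both carry their value in field 10.
keygrip_for_fpr() {
    awk -F: -v want="$1" '
        BEGIN { want = toupper(want) }
        $1 == "fpr" { cur = toupper($10) }
        $1 == "grp" && cur == want { print $10; found = 1; exit }
        END { exit !found }'
}

# preset_passphrase FPR
# Runs in a subshell "( ... )" so the trap and variables stay local.
preset_passphrase() (
    grip=$(gpg --batch --with-colons --with-keygrip --list-secret-keys "$1" |
           keygrip_for_fpr "$1") || { echo "no keygrip for $1" >&2; exit 1; }
    trap 'stty echo' EXIT          # restore echo when the subshell exits
    printf 'Passphrase for %s: ' "$grip" >&2
    stty -echo
    IFS= read -r pass
    echo >&2
    # printf is a shell builtin, so the passphrase never appears in argv.
    # PRESET_BIN is a hypothetical override; the default path is the one
    # used in the question.
    printf '%s' "$pass" |
        "${PRESET_BIN:-/usr/lib/gnupg2/gpg-preset-passphrase}" --preset "$grip"
)

# Demo on the constructed listing (no gpg needed):
printf '%s\n' "$SAMPLE_LISTING" | keygrip_for_fpr "$SAMPLE_SUBKEY_FPR"
```

From sh or bash, source the file and call preset_passphrase with the signing key's fingerprint; running gpg-preset-passphrase --forget with the same keygrip clears the cached entry.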