GPG Signing git commits on macOS keeps asking for passphrase

by AZRAF AL MONZIM

This blog provides a solution for macOS users who encounter repetitive passphrase prompts when signing Git commits with GPG. By installing pinentry-mac via Homebrew and configuring GPG-agent to utilize it, users can seamlessly integrate passphrase management with the macOS keychain, streamlining the signing process.

When working with Git on macOS and signing commits using GPG, you might encounter the inconvenience of repeatedly being asked for your passphrase. This can be mitigated by saving the passphrase in the macOS keychain. However, GPG-agent lacks built-in support for this feature. Here's how you can address this issue:

Prerequisites

Ensure you have Homebrew installed on your macOS system.

Installation

Install the pinentry-mac tool using Homebrew:

brew install pinentry-mac

Configuration

  1. Determine the path to pinentry-mac:

    which pinentry-mac

  2. If it does not already exist, create the file ~/.gnupg/gpg-agent.conf.

  3. Add the following line to gpg-agent.conf, replacing the path with your own pinentry-mac path:

    vi ~/.gnupg/gpg-agent.conf

    pinentry-program /opt/homebrew/bin/pinentry-mac

Restart GPG-Agent

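Stop the currently running gpg-agent so that it picks up the new configuration; it starts again automatically the next time GPG needs it: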

gpgconf --kill gpg-agent

With these steps, you've configured GPG to use pinentry-mac, which integrates with the macOS keychain, eliminating the need for repeatedly entering your passphrase when signing Git commits.
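The configuration steps above can also be scripted so that repeated runs do not pile up duplicate `pinentry-program` lines. This is an added example, not part of the original post; the function name `set_pinentry` and the `--apply` switch are assumptions made for it.

```shell
#!/bin/sh
# Added example: idempotent version of the gpg-agent.conf edit described above.
# set_pinentry and the --apply switch are names made up for this example.

# set_pinentry CONF PINENTRY
# Leave CONF with exactly one pinentry-program line pointing at PINENTRY,
# keeping every other setting already in the file.
set_pinentry() {
    conf=$1
    pinentry=$2

    # Reject relative paths and missing binaries so a typo cannot leave
    # signing without a working passphrase prompt.
    case $pinentry in
        /*) ;;
        *) echo "pinentry path must be absolute: $pinentry" >&2; return 1 ;;
    esac
    [ -x "$pinentry" ] || { echo "not executable: $pinentry" >&2; return 1; }

    dir=$(dirname "$conf")
    # GnuPG warns about a home directory that other users can read.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    [ -f "$conf" ] || : > "$conf"

    # Build the new file next to the old one and rename it into place,
    # so an interrupted run never leaves a half-written configuration.
    tmp=$(mktemp "$dir/gpg-agent.conf.XXXXXX") || return 1
    # awk always ends each line with a newline, even if the old file did not.
    awk '!/^[ \t]*pinentry-program[ \t]/' "$conf" > "$tmp"
    printf 'pinentry-program %s\n' "$pinentry" >> "$tmp"
    mv "$tmp" "$conf"
}

# Touch the real configuration only when asked to: sh this-script.sh --apply
if [ "${1:-}" = "--apply" ]; then
    bin=$(command -v pinentry-mac) || {
        echo "pinentry-mac not found; run: brew install pinentry-mac" >&2
        exit 1
    }
    set_pinentry "${GNUPGHOME:-$HOME/.gnupg}/gpg-agent.conf" "$bin"
    gpgconf --kill gpg-agent   # the agent restarts on demand with the new setting
fi
```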

Reference: Methods of Signing Git Commits on MacOS