防止git在签署提交时要求GnuPG密码
Git总是要求我在使用提交进行签名时输入密码来解锁我的秘密密钥.
Git always asks me to enter a passphrase to unlock my secret key while signing a commit using.
git commit -S -m 'message'
如何在缓存中存储密码,这样在签署提交时不必每次都输入密码
How can I store in cache the password so that I don't have to enter it each and every time while signing the commit
Git永远不会掌握GnuPG密码.您必须依靠GnuPG的缓存密码短语的功能,该功能通过gpg-agent发生,通过编辑~/.gnupg/gpg-agent.conf(隐藏在Windows的AppData文件夹中的某个位置)可以轻松地进行设置.
Git never gets hold of the GnuPG passphrase. You must rely on GnuPG's capabilities of caching passphrases, which happens through gpg-agent which are easily set up by editing ~/.gnupg/gpg-agent.conf (hidden somewhere in your AppData folder in Windows).
将default-cache-ttl设置为每次调用GnuPG后高速缓存密码短语的秒数. maximum-cache-ttl设置密码初始输入后擦除高速缓存的时间.确保未设置ignore-cache-for-signing,否则GnuPG将忽略用于签名操作的缓存.
Set default-cache-ttl to the number of seconds the passphrase is cached after each invocation of GnuPG. maximum-cache-ttl sets the time after the passphrase was initially entered at which the cache is wiped. Make sure ignore-cache-for-signing is not set -- otherwise GnuPG will ignore the cache for signing operations.
如果您想在没有任何用户交互的情况下签署提交,则可以通过gpg-preset-passphrase预先填充缓存,该缓存通常隐藏在/usr/lib/gnupg2/gpg-preset-passphrase之类的位置;或通过运行任意解密或签名操作.您可能还配置了git以使用像--passphrase [your passphrase]这样的选项传递给gpg,但是请仔细阅读此方法的限制和安全隐患(涉及到密码以明文形式存储在某处).
If you want to sign commits without any user interaction, you can prefill the cache through gpg-preset-passphrase, often hidden somewhere in a location like /usr/lib/gnupg2/gpg-preset-passphrase; or by running an arbitrary decryption or signing operation. You might also configure git to use an option like --passphrase [your passphrase] to be passed to gpg, but read up on the restrictions and security implications of this approach (it involves your passphrase being stored in plaintext somewhere).
完整的选项列表位于此处.