I wanted to start signing my Git commits so I followed the GitHub Tutorial and it did work. The issue was that the password prompt for my GPG key was in the command line, like in the following image and there is no option to save the password. Having to type in a password so often is very tedious and often leads to people choosing weak passwords. In this case it’s especially annoying since people who install the GUI version of GPG get a GUI password prompt with a checkbox to save the password to the macOS keychain.
How to fix it
You should have the file ~/.gnupg/gpg-agent.conf, which should have something like this in it:

pinentry-program /Users/unixb0y/.brew/homebrew/bin/pinentry

(that is, “Homebrew install location path” / pinentry). The path could definitely differ since I have my custom Homebrew folder where all its binaries sit.
Pinentry, like the name suggests, is the program that macOS is instructed to use for “pin entries” (GPG password entry) and you have to change it to pinentry-mac to use the GUI version of the password prompt. It usually comes with the Homebrew installation of GPG (even though the actual GPG tool is command-line only). If you don’t have pinentry-mac installed (check by just typing pinentry-mac in the console and then aborting with CTRL+C if it worked out), get it via Homebrew:

brew install pinentry-mac
Then restart the GPG agent:

gpgconf --kill gpg-agent
After doing that and trying to sign a commit message, you will be prompted with the GUI version of pinentry which has a checkbox to save your password like this:
Enter your password, check “Save in Keychain” and there you go!
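The steps above as one repeatable script, added here as an example and not part of the original post. The function names set_pinentry and get_pinentry and the --apply flag are this example's own; because gpg-agent hands the passphrase prompt to whatever binary the pinentry-program line names, the script refuses anything that is not an absolute path to an executable file.

```shell
#!/bin/sh
# Added example: switch gpg-agent to pinentry-mac (run with --apply).
set -eu

# Rewrite (or append) the pinentry-program line of a gpg-agent.conf.
# $1 = config file, $2 = absolute path of the pinentry binary.
set_pinentry() {
  conf=$1; pin=$2
  # gpg-agent runs this binary to ask for the passphrase, so insist on an
  # absolute path to a real executable rather than a bare command name.
  case $pin in
    /*) ;;
    *) echo "pinentry path must be absolute: $pin" >&2; return 1 ;;
  esac
  if [ ! -f "$pin" ] || [ ! -x "$pin" ]; then
    echo "not an executable file: $pin" >&2; return 1
  fi
  mkdir -p "$(dirname "$conf")"
  touch "$conf"
  tmp=$(mktemp "$conf.XXXXXX")
  # Keep every other option, drop any previous pinentry-program line.
  grep -v '^[[:space:]]*pinentry-program[[:space:]]' "$conf" > "$tmp" || true
  printf 'pinentry-program %s\n' "$pin" >> "$tmp"
  chmod 600 "$tmp"
  mv "$tmp" "$conf"
}

# Print the pinentry path a config file currently names.
get_pinentry() {
  sed -n 's/^[[:space:]]*pinentry-program[[:space:]]*//p' "$1"
}

# Touch the real configuration only when explicitly asked to.
if [ "${1:-}" = "--apply" ]; then
  found=$(command -v pinentry-mac) || {
    echo "pinentry-mac not found, run: brew install pinentry-mac" >&2; exit 1
  }
  set_pinentry "$HOME/.gnupg/gpg-agent.conf" "$found"
  chmod 700 "$HOME/.gnupg"
  gpgconf --kill gpg-agent  # the agent restarts on next use with the new setting
  echo "gpg-agent now uses: $(get_pinentry "$HOME/.gnupg/gpg-agent.conf")"
fi
```

Running it twice leaves a single pinentry-program line, and every other option already in the file is kept.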
EDIT: It is possible that it still doesn’t work right away and no new entries in your login Keychain appear. It can help to additionally look for (or create) the file ~/.gnupg/gpg.conf and insert use-agent, as well as putting use-standard-socket before the pinentry-program line:

use-standard-socket
pinentry-program /usr/local/bin/pinentry-mac