Added a comment: A possible solution

1 files changed, 21 insertions, 0 deletions

diff --git a/doc/tips/fully_encrypted_git_repositories_with_gcrypt/comment_2_07feedb4348f8c31176cc744c19368a1._comment b/doc/tips/fully_encrypted_git_repositories_with_gcrypt/comment_2_07feedb4348f8c31176cc744c19368a1._comment
new file mode 100644
index 000000000..b154263fe
--- /dev/null
+++ b/doc/tips/fully_encrypted_git_repositories_with_gcrypt/comment_2_07feedb4348f8c31176cc744c19368a1._comment
@@ -0,0 +1,21 @@
+[[!comment format=mdwn
+ username="https://www.google.com/accounts/o8/id?id=AItOawkbpbjP5j8MqWt_K4NASwv0WvB8T4rQ-pM"
+ nickname="Fabrice"
+ subject="A possible solution"
+ date="2013-11-02T14:22:13Z"
+ content="""
+I'm answering to myself :-). A possible solution to the annoying pass phrase asking with current gnupg is to use a specialized secret keyring. One first exports the secret key used for this repository in a specific keyring as follows:
+
+`gpg --export-secret-keys keyid | gpg --import --no-default-keyring --secret-keyring mygitannexsecret.gpg`
+
+This will create a keyring in $HOME/.gnupg with only the specific key. 
+
+Then, in the git-remote-gcrypt shell script, gpg should be called as follows 
+
+`gpg --no-default-keyring --secret-keyring mygitannexsecret.gpg -q -d ...`
+
+when decrypting the manifest in order to try only the specific key. This behavior can be easily triggered via some git configuration variable.
+
+Any comment?
+
+"""]]