Description
With the new ability of keychain being able to use gpg-agent as a replacement for ssh-agent, we can start to see how gpg-agent's behavior deviates from that of ssh-agent. Specifically, when adding ssh keys to gpg-agent, gpg-agent will sometimes prompt the user using pinentry to set a passphrase to encrypt the key (and then confirm the passphrase). The user is then prompted (via pinentry) before the ssh key is used. This defeats the purpose of using keychain for things like cron jobs, where you want the ability for the cached key to be used without prompting.
More investigation is needed regarding the design of GnuPG, and how to potentially bypass this behavior. It may be possible to allow passwordless use of the key by just hitting enter twice -- however, this set/confirm password prompt is annoying and confusing even if this is a legitimate workaround, as it makes gpg-agent's behavior different and thus not a direct drop-in replacement for ssh-agent.
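As an added diagnostic (not part of the original issue and not keychain's own code), the sketch below classifies keys known to gpg-agent by whether using them would currently trigger a pinentry passphrase prompt, which is the condition that breaks unattended jobs such as cron. It assumes the status-line field order of gpg-agent's `KEYINFO` command (keygrip, type, serialno, idstr, cached, protection); the function names are hypothetical and the sample keygrips are constructed.

```shell
# Classify gpg-agent KEYINFO status lines (read from stdin) by whether using
# the key needs a pinentry passphrase prompt. Assumed fields after "S KEYINFO":
#   keygrip type serialno idstr cached protection ...
# cached:     1 = passphrase currently cached, - = not cached
# protection: P = passphrase-protected, C = stored in the clear, - = unknown
classify_keyinfo() {
    while read -r s kw grip ktype serial idstr cached prot rest; do
        # Skip anything that is not a KEYINFO status line (e.g. the final "OK").
        [ "$s" = "S" ] && [ "$kw" = "KEYINFO" ] || continue
        case "$prot:$cached" in
            P:1) state="protected-cached" ;;  # usable without a prompt for now
            P:*) state="will-prompt" ;;       # pinentry will ask for the passphrase
            C:*) state="unprotected" ;;       # no passphrase on the stored key
            *)   state="unknown" ;;
        esac
        printf '%s %s\n' "$grip" "$state"
    done
}

# Succeeds only if no listed key would need a passphrase prompt right now.
usable_unattended() {
    ! classify_keyinfo | grep -Eq ' (will-prompt|unknown)$'
}

# Constructed sample (keygrips are made up), in the shape printed by:
#   gpg-connect-agent 'keyinfo --ssh-list' /bye
sample_keyinfo() {
    cat <<'EOF'
S KEYINFO 1111111111111111111111111111111111111111 D - - 1 P - - -
S KEYINFO 2222222222222222222222222222222222222222 D - - - P - - -
S KEYINFO 3333333333333333333333333333333333333333 D - - - C - - -
OK
EOF
}
```

Against a live agent, pipe `gpg-connect-agent 'keyinfo --ssh-list' /bye` into `usable_unattended` before a cron job relies on the key. A key marked `confirm` in `sshcontrol` can still raise a confirmation prompt, which this check does not cover.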