How can I restart gpg-agent?

Question

Some changes in the GnuPG configuration demands a gpg-agent restart / reboot (according to the doc), but... How can I do that? I tried gpg-agent restart, service gpg-agent restart, but did not succeed.

Answer 1

With current GPG (2.1+), to stop gpg-agent you can use gpgconf --kill, like this:

gpgconf --kill gpg-agent

You shouldn’t need to manually restart it. GPG will restart it when it’s needed.

This information can be found in gpg-agent online manual and man gpg-agent.

Answer 2

My preferred way is with gpg-connect-agent reloadagent /bye. See gpg-connect-agent help /bye for a complete list of commands.

Answer 3

On modern systemd-based Linux distros the gpg-agent is controlled by the userspace systemd.

You can check/start/stop it with the following commands (without sudo):

systemctl --user status gpg-agent
systemctl --user stop gpg-agent
systemctl --user start gpg-agent

Answer 4

gpg-agent is not a system-wide service but started once per user (thus, it is not managed by service). Although sometimes invoked by user's dotfiles or at least in Debian and derivatives also when X11 is started (and gpg-agent is installed) in /etc/X11/Xsession.d/90gpg-agent (to make sure a common gpg-agent is used by all GnuPG calls, no matter whether from a terminal or GUI applications); it is also started automatically by GnuPG when required. From man gpg-agent:

The agent is automatically started on demand by gpg, gpgsm, gpgconf, or gpg-connect- agent. Thus there is no reason to start it manually. In case you want to use the included Secure Shell Agent you may start the agent using:

gpg-connect-agent /bye

Usually, a simple killall gpg-agent (from a non-root shell) should be fine for terminating gpg-agent. You'll likely observe a slight delay when using GnuPG the next time, as gpg-agent is started again.

Answer 5

To add one more way of restarting the agent that hasn't been mentioned yet:

# kill the agent
gpg-connect-agent killagent /bye
# start it again
gpg-connect-agent /bye

If GPG caches SSH keys as well, the second command is necessary. Given that gpg-connect-agent is the recommended way of starting the agent (in man gpg-agent) I wanted to also use it for killing which turned out to be possible (at least with gpg-connect-agent 2.4.4).

Answer 6

In my experience there are some scenarios where gpg will fail to start a fresh gpg agent (importing a new key?).

Kill the old agent as so:

GNUPGHOME="${GNUPGHOME:-$HOME/.gnupg}" gpgconf --kill gpg-agent

and then start the new one:

gpg-agent --homedir "${GNUPGHOME:-$HOME/.gnupg}" --daemon

Setting the --homedir explicitly when starting assures your ps listing is clear when you have more than one homedir; and it's analagous to what gpg does when it starts it.

Setting the GNUPGHOME when stopping is not necessary, but it might make you or the code reviewer more comfortable.

Answer 7

In my case --kill was an invalid argument for gpgconf. This worked:

killall gpg-agent || true
gpg-agent --daemon --use-standard-socket

Answer 8

I face this problem too often and just restarting the agent works everytime. For windows-

gpg-connect-agent reloadagent /bye

For Linux -

systemctl --user reload gpg-agent

Good luck !

Answer 9

None of the solutions worked for me. So I just deleted the /home/my_user/.gnupg directory. Then ran my bash_script.sh (that contains the gpg decrypt command) which automatically re-created the /home/my_user/.gnupg directory and created secring.gpg and pubring.gpg within that directory.

Now, I just needed to import my keys like -

# importing public key
gpg --import my_public_key.pub
importing private key
gpg --allow-secret-key-import --import my_private_key.private

Finally, I reran my bash_script.sh which showed me a GUI that prompted me for the passphrase to use my keys for file decryption.