I'm using vagrant for building and signing my debian/ubuntu packages but I'd prefer to not have have to copy my GPG keys into the virtual machine just to sign packages. It just feels insecure. Is there any way to forward my local gpg-agent socket so it can be used in vagrant?
I know that OpenSSH 6.7 has support for socket forwarding, but for the moment I'd prefer to not replace the OpenSSH 6.2 included with OSX 10.10, since software updates are bound to blow away any changes made to SSH installed via homebrew.
All the gpg/ssh/socat tutorials I've found depend on the deprecated GPG_AGENT_INFO. How are others using GPG on remote hosts without transferring their keys?
