I have created a 4096-bit, password-protected RSA key for use during development efforts. I have my environment set up such that this key is the only private key I have on my secret key ring. Why does GPG ask for a password when I try to encrypt a file with this key? Shouldn't GPG use the public version of this key to encrypt the file? If not, how can I instruct GPG to use the public version of the key to encrypt the file? Do I need to generate a public key from my private key and then import it into my pubring? How would I go about doing that?

I'd rather not have to use a passphrase just to encrypt my files; I only want to use the passphrase to decrypt them.

Edit: Here is the command line I used that prompted me for a password. I have added code in my tool to determine if our private key is in the list of recipients and, if it is, it will pipe the password through StandardInput and add --passphrase-fd 0 to the line.

gpg --output FileIn.txt.asc --batch --trust-model always --encrypt --sign --armor --recipient keyID1 --recipient privKeyID FileIn.txt
  • Encryption does not require entering the passphrase. Are you also signing the file? Please add the exact command line (or steps in a graphical user interface) you're using to encrypt the file.
    – Jens Erat
    Commented Apr 3, 2015 at 10:13
  • @JensErat Yes I am signing the file, see question edit for command line.
    – saarrrr
    Commented Apr 3, 2015 at 16:33

1 Answer

You're not only encrypting, but also signing the file. Encryption only requires access to the public key (which is not protected using the passphrase, as it can be -- well, public).

Signing basically works the other way round: a checksum of the file gets encrypted using the private key, so everybody else (with access to the public key) can decrypt the signature and verify it.

If you want to sign the file, you will have to continue entering the passphrase, or remove the passphrase.
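An added example, not part of the question or the answer above: a wrapper can decide whether to supply the passphrase from the operation requested (signing or decrypting) rather than from which keys are listed as recipients. The helper names are hypothetical, and the sketch assumes long options are spelled in full and that option values do not begin with a dash.

```python
# Added illustration; the helper names below are hypothetical, not part of gpg.
# Commands that use the secret key: signing (per the answer) and decryption.
SECRET_KEY_LONG = {"--sign", "--clearsign", "--clear-sign", "--detach-sign", "--decrypt"}
SECRET_KEY_SHORT = set("sbd")       # -s sign, -b detach-sign, -d decrypt
SHORT_WITH_VALUE = set("oruRz")     # short options that take a value (not exhaustive)

# Constructed sample: the command line from the question, minus the leading "gpg".
QUESTION_ARGS = ("--output FileIn.txt.asc --batch --trust-model always --encrypt "
                 "--sign --armor --recipient keyID1 --recipient privKeyID FileIn.txt").split()


def uses_secret_key(args):
    """True if the gpg arguments request an operation that unlocks the secret key."""
    for arg in args:
        if arg == "--":                      # end of options, only file names follow
            break
        if arg.startswith("--"):
            if arg.split("=", 1)[0] in SECRET_KEY_LONG:
                return True
        elif arg.startswith("-") and len(arg) > 1:
            for ch in arg[1:]:               # bundled short options such as -se
                if ch in SHORT_WITH_VALUE:   # rest of the token is that option's value
                    break
                if ch in SECRET_KEY_SHORT:
                    return True
    return False


def build_invocation(args, passphrase=None, loopback=False):
    """Return (argv, stdin_bytes); the passphrase is supplied only when needed."""
    if not uses_secret_key(args):
        return ["gpg", *args], None          # public-key encryption: no prompt, no stdin
    if passphrase is None:
        raise ValueError("operation uses the secret key; a passphrase is required")
    extra = ["--passphrase-fd", "0"]
    if "--batch" not in args:
        extra.append("--batch")              # --passphrase-fd is honoured only in batch mode
    if loopback:                             # GnuPG 2.1+ also needs loopback pinentry
        extra += ["--pinentry-mode", "loopback"]
    return ["gpg", *extra, *args], (passphrase + "\n").encode()


if __name__ == "__main__":
    encrypt_only = [a for a in QUESTION_ARGS if a != "--sign"]
    print(build_invocation(encrypt_only))
    print(build_invocation(QUESTION_ARGS, "constructed-passphrase"))
```

The returned pair can be passed to `subprocess.run(argv, input=stdin_bytes)`, so the passphrase never appears on the command line.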
