First, I spent an hour trying answers with similar titles, so please read this through before flagging this question as a duplicate.
I use a YubiKey to store my PGP private key using its smart card feature.
I confirm the private key works as I can connect to servers using SSH (which triggers pinentry-mac).
$ cat .gnupg/gpg-agent.conf
enable-ssh-support
default-cache-ttl-ssh 60
max-cache-ttl-ssh 120
default-cache-ttl 60
max-cache-ttl 120
pinentry-program /usr/local/bin/pinentry-mac
The "gpg: decryption failed: No secret key" error is thrown when the YubiKey smart card is not unlocked and I run gpg commands.
$ gpg --decrypt /path/to/file.asc
gpg: encrypted with RSA key, ID redacted
gpg: encrypted with 4096-bit RSA key, ID redacted, created redacted
redacted
gpg: public key decryption failed: Broken pipe
gpg: decryption failed: No secret key
When the above error is thrown, connecting to a server using SSH triggers pinentry-mac. I then press Ctrl+C and run "gpg --decrypt /path/to/file.asc", and pinentry-mac is triggered.
What is going on here? How can I get "gpg --decrypt /path/to/file.asc" to work without having to use ssh first?
I am probably missing something!