--- 1.6.7-dmcrypt.rc.orig 2016-05-18 08:38:34.000000000 +0200 +++ 1.6.7-dmcrypt.rc 2017-01-20 08:07:53.562093166 +0100 @@ -176,7 +176,8 @@ dm_crypt_execute() { if [ "${mode}" = "gpg" ] ; then : ${gpg_options:='-q -d'} # gpg available ? - if command -v gpg >/dev/null ; then + if command -v gpg >/dev/null && command -v gpg-agent >/dev/null; then + eval "$(gpg-agent --daemon)" i=0 while [ ${i} -lt ${dmcrypt_retries} ] ; do # paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected. @@ -189,6 +190,7 @@ dm_crypt_execute() { : $(( i += 1 )) done eend ${ret} "failure running cryptsetup" + kill $(echo ${GPG_AGENT_INFO} | cut -d':' -f 2) >/dev/null 2>&1 else ewarn "${source} will not be decrypted ..." einfo "Reason: cannot find gpg application." @@ -240,6 +242,11 @@ start() { local header=true cryptfs_status=0 local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev + # Create workdir for GPG agent + local userrundir=false + [ -d /run/user ] && userdir=true + mkdir -p /run/user/$(id -u) + local x for x in $(cat /proc/cmdline) ; do case "${x}" in @@ -295,6 +302,10 @@ start() { dm_crypt_execute ewend ${cryptfs_status} "Failed to setup dm-crypt devices" + + # Destroy GPG agent workdir + rm -rf /run/user/$(id -u) + $test && rm -r /run/user } stop() {
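Review bot: In the `@@ -176,7 +176,8 @@` hunk the result of `gpg-agent --daemon` is never checked: `eval` returns 0 when the substitution printed nothing, so a failed agent start goes unnoticed and the retry loop runs without an agent. Capture and test the output first, e.g. `agent_env=$(gpg-agent --daemon) || ewarn "gpg-agent failed to start"` followed by `eval "${agent_env}"`. The `else` branch visible in the next hunk still reports "cannot find gpg application" when only gpg-agent is missing, so that message should name both tools. dm_crypt_execute starts and ends outside the hunk.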
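Review bot: In the `@@ -189,6 +190,7 @@` hunk the agent is stopped only if `GPG_AGENT_INFO` holds a PID; when the variable is empty, `kill` is called with no argument and `>/dev/null 2>&1` hides the error, so the agent and any passphrase it cached stay resident after boot. As far as I know GnuPG 2.1 and later no longer export `GPG_AGENT_INFO`, so this may be the normal case there and should be confirmed. Prefer `gpgconf --kill gpg-agent` where it is available, or at least guard and quote the call: `[ -n "${GPG_AGENT_INFO}" ] && kill "$(echo "${GPG_AGENT_INFO}" | cut -d: -f2)"`. Either way, log a warning with `ewarn` when the stop fails instead of discarding the output.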
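Review bot: The flag added in the `@@ -240,6 +242,11 @@` hunk goes by three names: it is declared as `userrundir`, assigned as `userdir` (a global, since only `userrundir` is `local`), and read as `$test` in the `@@ -295,6 +302,10 @@` hunk. `$test` is never set, so `$test && rm -r /run/user` expands to an empty command that succeeds, and `/run/user` is removed on every start, including any other users' runtime directories. Use one name and record whether this script created the directory, `[ -d /run/user ] || userrundir=true`, then test `${userrundir}` before removing it. The added comment calls this the agent's workdir, so create it owner-only and quoted: `mkdir -p -m 0700 "/run/user/$(id -u)"`. start() begins and ends outside this hunk.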
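Review bot: In the `@@ -295,6 +302,10 @@` hunk the cleanup sits after `ewend`, so the last command of `start()` is now an `rm`, and its status replaces the one that `ewend ${cryptfs_status} …` presumably returned. A failed dm-crypt setup can then be reported as a successful start. Move the cleanup above `ewend`, or end the function with `return ${cryptfs_status}`. `rm -rf /run/user/$(id -u)` also deletes the directory when it already existed before `start()` ran, so remove it only if this script created it, and quote the path. start() begins outside the hunk.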