  1. Funtoo Linux
  2. FL-69

keychain does not add GPG subkey for decrypting

    • Bug
    • Resolution: Fixed
    • Normal

      From Google Groups:

      I've some trouble adding gpg keys with keychain. I apparently need to
      add both primary key and associated subkey to gpg-agent. But using
      keychain no matter which key I try to add, it always is the one
      associated with the primary key.

      This is what I do

      $ keychain 0AA975DA
      

      Then the pinentry-curses shows

      Please enter the pass-phrase to unlock the secret key for the OpenPGP
      certificate:
      "Koen Smets <koen....@gmail.com>"
      4096-bit RSA key, ID 0AA975DA,
      created 2009-08-28
      
      $ keychain 0AA975DA
      * Known gpg key: 0AA975DA
      

      Then I encrypt a file

      $ gpg -r koen....@gmail.com -e foo.txt
      

      Now, when I want to decrypt the file:

      $ gpg -d foo.txt.gz
      

      Again, pinentry-curses asks for my passphrase. This time with another message:

      Please enter the pass-phrase to unlock the secret key for the OpenPGP
      certificate:
      "Koen Smets <koen....@gmail.com>"
      4096-bit RSA key, ID A4548D20
      created 2009-08-28 (main key ID 0AA975DA).
      

      Note the difference in keys between the two dialogs.

      If I add the subkey A4548D20, instead of the associated primary key,
      after clearing the keychain, the same behavior occurs.

      I tried to figure out what is happening behind the scenes by setting
      debug-level to guru and writing everything to a separate log file. There I
      noticed that indeed two separate keys need to be present in the cache of the
      gpg-agent:

      agent_get_cache `F254C61A4F1DC4F6AF2804C949DBF1F00AA975DA'
      agent_get_cache `5017CCEEC87D8EF28E21D6E9E84ACB2CA4548D20'
      

      Where the former is asked when I use the keychain command

      $ keychain 0AA975DA
      

      or

      $ keychain A4548D20
      

      while the latter, when I try decrypting using gpg

      $ gpg -d foo.txt.gz
      

      Note that if I try:

      $ keychain 0AA975D0 A4548D20
      

      It only asks for the pass-phrase once, the other one is known (as they both
      resolve to the same hash)! But for decrypting a file it needs another one...

      I think I'm missing something... So, how can I properly add my gpg key
      to the keychain, such that when decrypting a file I'm not again asked
      for my pass-phrase a second time.

            Unassigned Unassigned
            igor Clemens Kaposi
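
The report turns on the primary key (0AA975DA) and its encryption subkey (A4548D20) being distinct keys with separate gpg-agent cache entries. As an added example (not part of the original post and not keychain's own code), this shell function reads `gpg --list-secret-keys --with-colons` output and lists the encryption-capable subkeys in the key block a given ID belongs to. The sample listing is constructed: its first block uses the 16-hex tails of the two cache IDs in the log above as key IDs, and the second block is a made-up unrelated key.

```shell
#!/bin/sh
# Added example. Colon-listing fields used:
#   1 = record type (sec = primary secret key, ssb = secret subkey)
#   5 = 16-hex key ID, 12 = capabilities (lowercase "e" = can encrypt)

enc_subkeys() {
    # $1: short (8-hex) or long (16-hex) ID of a primary key or a subkey.
    # stdin: output of `gpg --list-secret-keys --with-colons`.
    awk -F: -v want="$(printf '%s' "$1" | tr 'a-f' 'A-F')" '
        # True when key ID "id" ends with the requested ID.
        function id_ends(id) {
            return substr(id, length(id) - length(want) + 1) == want
        }
        # Print the collected subkeys if the finished block held the ID.
        function emit() { if (hit) printf "%s", out; out = ""; hit = 0 }
        $1 == "sec" { emit(); if (id_ends($5)) hit = 1 }
        $1 == "ssb" {
            if (id_ends($5)) hit = 1
            if ($12 ~ /e/) out = out $5 "\n"
        }
        END { emit() }
    '
}

# Constructed sample listing (not captured from a real keyring).
SAMPLE='sec:u:4096:1:49DBF1F00AA975DA:1251417600:::u:::scESC:
ssb:u:4096:1:E84ACB2CA4548D20:1251417600::::::e:
sec:u:4096:1:1111111111111111:1251417600:::u:::scESC:
ssb:u:4096:1:2222222222222222:1251417600::::::e:'

# Primary key ID in, decryption subkey ID out.
printf '%s\n' "$SAMPLE" | enc_subkeys 0AA975DA

# Against a real keyring:
#   gpg --list-secret-keys --with-colons | enc_subkeys 0AA975DA
```

Whichever of the two IDs from the report is passed in, the function returns the same subkey, the one named in the second pinentry dialog.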