Password being saved for session
Reported by alphaace | June 22nd, 2011 @ 06:25 PM | in 1.7 (closed)
It appears that if you decrypt using "gpg *.gp" in the command prompt and you enter your password (via the gui window that pops up), that password is saved for the remainder of your session and a reboot it is needed to clear it.
The same issue occurs via the gui(right click -> decrypt). Is there a way to clear the password every time? It would be nice if there were a setting somewhere about whether or not to save the password.
Comments and changes to this ticket
-
Alex (via GPGTools) June 22nd, 2011 @ 11:52 PM
- Milestone set to “1.7”
- State changed from “new” to “open”
- Assigned user set to “ronin-140089 (at lighthouseapp)”
- Importance changed from “High” to “”
-
ronin-140089 (at lighthouseapp) June 23rd, 2011 @ 12:57 AM
- Tag set to “gpg-agent, passphrase-saving”
I think this is related to gpg-agent. This process is - like ssh-agent - responsible for saving user passwords for the duration of their session.
Adding
no-use-agentto~/.gnupg/gpg.confdoesn't seem to work.I recommend the workaround descibed in here:
Add the following lines to
~/.gnupg/gpg-agent.confdefault-cache-ttl 10 max-cache-ttl 10 ignore-cache-for-signingPasting the following into Terminal.app and pressing return has the same effect:
echo -e "default-cache-ttl 10\nmax-cache-ttl 10\nignore-cache-for-signing" >> ~/.gnupg/gpg-agent.confThis will set the duration (in seconds) during which gpg-agent will save the passphrase. Also, the last line tells gpg-agent to always ask for a passphrase when signing other gpg-keys.
You can find out more about these config lines with the command:
man gpg-agentPlease tell me if this fix works for you. (Maybe we should add this to the FAQ)
-
alphaace June 23rd, 2011 @ 01:05 AM
This did not work. I changed the "10" to "2" because I wanted it shorter and I still get the same problem. Furthermore, I did not have a file "gpg-agent.conf".I thus created the file and pasted those fields in. Please advise, thanks!
-
ronin-140089 (at lighthouseapp) August 15th, 2011 @ 06:08 PM
- Assigned user changed from “ronin-140089 (at lighthouseapp)” to “Alex (via GPGTools)”
This is very strange. I just tried this approach again and everything works fine. (Using 0 for default- and max-cache-ttl)
I just had to kill gpg-agent (killall gpg-agent) to make it re-read the configuration file.
-
Alex (via GPGTools) August 15th, 2011 @ 06:12 PM
- State changed from “open” to “waiting”
@alphaace can you confirm this? Also see http://www.gpgtools.org/gpgpreferences/index.html
-
Kevin Rector October 7th, 2011 @ 10:41 PM
echo -e "default-cache-ttl 2\nmax-cache-ttl 2\nignore-cache-for-signing" >> ~/.gnupg/gpg-agent.conf
Worked for me.
-
Alex (via GPGTools) October 9th, 2011 @ 02:30 PM
- State changed from “waiting” to “open”
- Assigned user changed from “Alex (via GPGTools)” to “ronin-140089 (at lighthouseapp)”
So should we add this line to gpg-agent?
-
steve January 29th, 2012 @ 04:42 PM
- State changed from “open” to “fixed”
- Importance changed from “” to “”
Please adjust the caching behavior in the GPGPreferences.
Fixed.
-
steve August 19th, 2013 @ 10:59 PM
- Tag cleared.
- Assigned user cleared.
- Importance changed from “” to “Low”
-
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
People watching this ticket
Alex (via GPGTools)
alphaace
Luke Le
Mento
steve
Referenced by
-
87
GPGServices Does not request pass phrase to decrypt
Sorry, it appears this is a duplicate of #67.