[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Stop emacs caching gpg keys
From: |
Gregor Zattler |
Subject: |
Re: Stop emacs caching gpg keys |
Date: |
Sat, 30 Jan 2021 18:14:18 +0100 |
Hi Colin,
* Colin Baxter <m43cap@yandex.com> [30. Jan. 2021]:
> I have GnuPG (gpg) version 2.1.18. As is well known, this version of gpg
> has the utterly annoying habit of storing gpg keys in the cache for some
> time (1 hour default, I think).
>
> To stop this happening I run 'gpgconf --kill gpg-agent'. This works fine
> in bash scripts that control the encryption, where I can put that
> command in the script.
wouldn't it be easyier to configure gpg-agent:
--default-cache-ttl n
Set the time a cache entry is valid to n seconds. The default
is 600 seconds. Each time a cache entry is accessed, the en‐
try's timer is reset. To set an entry's maximum lifetime, use
max-cache-ttl. Note that a cached passphrase may not evicted
immediately from memory if no client requests a cache opera‐
tion. This is due to an internal housekeeping function which
is only run every few seconds.
--max-cache-ttl n
Set the maximum time a cache entry is valid to n seconds. Af‐
ter this time a cache entry will be expired even if it has
been accessed recently or has been set using gpg-preset-
passphrase. The default is 2 hours (7200 seconds).
Therefore I have this configuration:
~/.gnupg$ cat gpg-agent.conf
default-cache-ttl 300
max-cache-ttl 1200
Ciao, Gregor
--
-... --- .-. . -.. ..--.. ...-.-