help-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Stop emacs caching gpg keys

From: Gregor Zattler
Subject: Re: Stop emacs caching gpg keys
Date: Sat, 30 Jan 2021 18:14:18 +0100 
Hi Colin,
* Colin Baxter <m43cap@yandex.com> [30. Jan. 2021]:
> I have GnuPG (gpg) version 2.1.18. As is well known, this version of gpg
> has the utterly annoying habit of storing gpg keys in the cache for some
> time (1 hour default, I think).
>
> To stop this happening I run 'gpgconf --kill gpg-agent'. This works fine
> in bash scripts that control the encryption, where I can put that
> command in the script.

wouldn't it be easyier to configure gpg-agent:

--default-cache-ttl n
Set the time a cache entry is valid to n seconds.  The default
is 600 seconds.  Each time a cache entry is accessed, the  en‐
try's timer is reset.  To set an entry's maximum lifetime, use
max-cache-ttl.  Note that a cached passphrase may not  evicted
immediately  from  memory if no client requests a cache opera‐
tion.  This is due to an internal housekeeping function  which
is only run every few seconds.

--max-cache-ttl n
Set the maximum time a cache entry is valid to n seconds.  Af‐
ter  this  time  a  cache entry will be expired even if it has
been accessed recently  or  has  been  set  using  gpg-preset-
passphrase.  The default is 2 hours (7200 seconds).

Therefore I have this configuration:
~/.gnupg$ cat gpg-agent.conf
default-cache-ttl 300
max-cache-ttl 1200


Ciao, Gregor
--
 -... --- .-. . -.. ..--.. ...-.-
reply via email to
[Prev in Thread] Current Thread [Next in Thread]