[Users] Unlocking GnuPG
Johan Vromans
jvromans at squirrel.nl
Mon Feb 6 08:08:17 CET 2017
On Sun, 5 Feb 2017 22:21:10 +0100, Johan Vromans <jvromans at squirrel.nl>
wrote:
> I assume it's my fault, but...
In any case, it's not claws.
> When I run gpg in a terminal window, it says that gpg-agent is not
> available and asks for the passphrase. Good.
Actually, there *is* a gpg-agent, and it is found by gpg2.
I assume the claws plugin also uses gpg2, either directly or indirectly.
> When I use claws to send a (GnuPG) signed e-mail, it does so without
> asking for the gpg passphrase. I don't recall I ever instructed claws to
> permanently store this passphrase.
Running gpg-agent with debugging reveals that it is contacted correctly.
Then it invokes pinentry to ask for the passphrase. Much to my surprise,
pinentry returns the desired information without popping up a dialog. So
apparently it is cached by pinentry, or Gnome, or whatever.
Still scary, especially since I haven't found a way to stop this (IMHO
undesired) behaviour.
-- Johan
More information about the Users
mailing list