After opening file with GPG Tools any file can be opened w.o. pwd

Olav Seyfarth olav at enigmail.net
Wed Sep 21 16:21:28 CEST 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hi,

> Is there a way to require the password every time I try and decrypt a
> file. The current situation presents a security risk as opening one file 
> essentially unlocks all files encrypted with the same key.

Caching in gpg-agent is responsible for this. You can configure its cache entry
TTL values. Look for cache settings in gpg-agent.conf (to be created in your
GnuPG homedir. You may want to set default-ttl to some seconds only (or "0"?).

http://www.gnupg.org/documentation/manuals/gnupg/Agent-Options.html#Agent-Options

Olav
- -- 
The Enigmail Project - OpenPGP Email Security For Mozilla Applications
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Dies ist eine elektronische Signatur - http://enigmail.mozdev.org/

iQGcBAEBAwAGBQJOefLmAAoJEKGX32tq4e9WiLwL/0VcmWmGmLPLPVHPAHXSSlEm
gRXPOm0mMppRRknBGszkpFwoPkoM5JfTx796HiLHPAmlwLA+6UtfjKLRR1W+OCh4
HB3adVOScMcCDTaNls3upoJTgqPzCygHsklhJYyR54s6fer0NL3K8cBm90Jzxk76
mQT1rVMhnqgggFLESYBY7GSdXCpz/lsHQwHbIvP6r3MfW7Rf1SbYVoo/NBtKrFNr
IzPrXcpYMxZLdw1U3Xn0NJtUkNTULLULy3gAheldXzSOcKpCOFClBYz88qLHWM9J
zMXULWSr6PcaW1kWIDZ1fnfyyheVH34mHGhTEoVgINdoV7nAy/vhl20Uu7foJLoD
k4zG7x1/bG2j2gOP7dKZJ5H22brXzRVqiC/ZPAFGNWG6/v96T650FUa8f4cK5szD
tE8EmIn5hoAI7kb9JHCtRWEITurWmd9Vqnyqtyf1/QP5grqc0pFC2JY5uGuUun/B
MD05TZcJrN6OF2r2zZ6SRZcz2eJya1Y/KJvv0MGTKg==
=vHRU
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list