Stumped and need some help with agent

Anthony Papillion papillion at gmail.com
Mon Jun 18 02:43:32 CEST 2012


On 6/17/2012 7:10 AM, Werner Koch wrote:
> On Sat, 16 Jun 2012 22:42, papillion at gmail.com said:
> 
>> For some reason, every time I do anything to an encrypted message, I
>> have to re-enter my passphrase. If I open a message, I enter my
>> passphrase, then, when I reply to it, I have to enter it again. And to
>> send that reply? Yep, enter it again!
> 
> Your gpg-agent is not installed properly.  man gpg-agent to see how it
> is to be started.  If there is no gpg-agent it will only be started as
> needed and then can't act as a passphrase cache.   Ubuntu should have
> handled this for you.

Wait...you expect me to read the man page? What kind of barbarian are
you, anyway?!? lol Just kidding. For some reason, with all my
troubleshooting, I never even considered reading the man page. I'll do
that and see what I can find. Thank you for the help!

> We will change gpg-agent in the next version to automagically start
> itself as a daemon on the first access - this allow to use gpg-agent
> without any additional system setup.

Sounds good. I assume the way it's started now is on an 'as needed' basis?

>> system, renamed the gpa.conf file (just in case) and added the
>> "no-use-agent" entry to my gpg.conf file with no result.
> 
> gpg2 ignores this option because gpg-agent is a required part of the
> GnuPG-2 system. 

I figured that out while going through some of the posts relating to
gpg-agent. Is this a permanent change? I know pinentry is supposed to be
a safer way to enter passphrases so I'm assuming that the mandatory use
of gpg-agent will continue on into future versions?

Let me ask this: are there any major security implications (aside from
sacrificing the security of pinentry) to hacking gpg2 to not use agent?
I'm not considering doing this as I don't see a real need but I'm curious.

Thanks!
Anthony



More information about the Gnupg-users mailing list