gpg-agent, multiple requests
Jenya Sovetkin
e.sovetkin at gmail.com
Mon Dec 12 10:11:02 CET 2016
Hello everyone!
recently I have encountered a problem with gpg-agent.
When there are several simultaneous requests made for decryption, then
gpg-agent "forgets" the passphrase and queries it again (for example
when there are several cronjobs being invoked that require decryption).
In other words, multiple simultaneous requests make cache entry
invalid (ignoring --max-cache-ttl and --default-cache-ttl parameters).
Here is the script kindly written by
[@woodape](https://bbs.archlinux.org/viewtopic.php?pid=1675818#p1675818)
which reproduces the behaviour
#!/bin/bash
echo "test" | gpg -e -r "$1" -o test.gpg
for i in {1..8} ; do
gpg -d test.gpg &
done
I am currently using version 2.1.16, however, the behaviour may have
appeared a bit earlier.
My question is whether this is a feature (lock access to a secret key
during a decryption instance) or a bug?
If this is a feature, then why the access to secret key should be
locked during decryption, as for the secret key it is a read-only
operation.
Correct me if I wrong, but I haven't found any references to this
feature in recent news/release notes or this mailing list discussions.
Jenya
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: </pipermail/attachments/20161212/ef40cbb3/attachment.sig>
More information about the Gnupg-users
mailing list