Older gpg version does not ask for passphrase

Matthias Nick me at matthias-nick.de
Mon Jun 6 23:54:08 CEST 2016


Am 06.06.2016 um 22:50 schrieb Dashamir Hoxha:
> On Mon, Jun 6, 2016 at 8:09 PM, Matthias Nick <me at matthias-nick.de> wrote:
>>
>> Am I doing anything wrong or maybe misunderstanding something? My
>> understanding is that passphrases are meant for a situation where
>> someone gets their hands on my private key and this behaviour seems to
>> defy the purpose.
>>
> 
> If your environment is unsafe and you don't trust it, then you should
> authorize
> the private key each time that it is used. If you are in a safe environment
> and
> you trust it, you don't need to authorize the key each time you use it.
> I think that the latest versions of GnuPG are taking a more conservative
> approach, by not trusting the environment, so you have to give the
> passphrase
> more often.
> 

Authorization would be a gpg-agent issue though, from what I understand.
However, at least on one of the Debian machines, gpg-agent isn't even
running. Also, I would still have to enter my password at least once
initially. But I just copy the keyring and don't need to authorize even
once.



More information about the Gnupg-users mailing list