Monitoring queries to gpg-agent?

Kristian Larsson kll at dev.terastrm.net
Wed Sep 26 12:57:33 CEST 2018


On 2018-09-26 12:43, Peter Lebbing wrote:
> On 25/09/2018 23:03, Kristian Larsson wrote:
>> Is there a way I can monitor and display the queries to gpg-agent so I
>> can see what the current query is actually trying to do?
> 
> This is reminding me of a message Werner wrote[1] last year that
> pinentry will show some context of the reason it is prompting. So this
> functionality might be in the works.

Ah, interesting, sounds similar yes. I'd be very interested in hearing 
more about this.

> I assume you are prompted by a
> pinentry to push the button?

I cache the pin so it only asks me sporadically and mostly at the start 
of a work session but I have to push the button on the yubikey for every 
query, so with cached PIN it means there's no pinentry prompt 99% of the 
time.

> As you note, if access to your agent was compromised, this would not
> constitute solid protection as the information could be spoofed or
> substituted. It is informative, though.

Right, I understand.

Kind regards,
   Kristian.



More information about the Gnupg-users mailing list