Clearing cached PIN for Yubikey
ಚಿರಾಗ್ ನಟರಾಜ್
gpg-users at chiraag.me
Wed Aug 5 23:18:42 CEST 2020
Hello!
I was attempting to figure out what the 'canonical' way of clearing a Yubikey's cached PIN is. I adjusted the default-cache-ttl and max-cache-ttl values in gpg-agent.conf to no effect. I also attempted to use card-timeout (even though it was clear from searching around that it was probably useless).
I know there's a setting to force (or not force) entering a PIN for signing in gpg --edit-card, but there doesn't seem to be a corresponding option for forcing a PIN for decryption.
Obviously I can just yank out my Yubikey or restart the agent (systemctl --user restart gpg-agent) and get the desired effect (although echo RELOADAGENT | gpg-connect-agent *doesn't* achieve the same thing...), but I'd like to find another option if available.
Here is the output of gpg --version:
gpg (GnuPG) 2.2.20
libgcrypt 1.8.6
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: /home/chiraag/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
I'm running Debian sid/experimental and use systemd as my init system and service manager, if that impacts anything.
Thank you very much for any tips and/or pointers!
Sincerely,
Chiraag
--
ಚಿರಾಗ್ ನಟರಾಜ್
Pronouns: he/him/his
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publickey - gpg-users at chiraag.me.asc.pgp
Type: application/pgp-key
Size: 651 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200805/7a30cea5/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 233 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200805/7a30cea5/attachment.sig>
More information about the Gnupg-users
mailing list