external keystore option?
Lord of the Lists
listmaster at gnupg.org
Thu May 11 12:19:14 CEST 2000
----- Forwarded message from "Mikolaj J. Habryn" <dichro-mail-3474b0e at rcpt.to> -----
Date: Thu, 11 May 2000 10:58:59 +0200
From: "Mikolaj J. Habryn" <dichro-mail-3474b0e at rcpt.to>
To: gnupg-devel at gnupg.org
Subject: external keystore option?
X-Diagnostic: Mail coming from a daemon, ignored
Are there any plans for or opinions on the possibility of separating
out the sensitive key management operations in gnupg (along the lines
of ssh-agent for ssh)? I had a dig through the archives (a while ago),
and recall seeing the subject come up once, but with no definitive
I would like to see such functionality in gnupg; there are certain
situations (such as Debian package creation) where a flexible policy
engine would save a fair bit of passphrase retyping.
My reason for asking is not purely academic; I recently published
keymgr, an application designed to serve this purpose, whose only real
claims to fame at present are a pretense to modularity and enough
functionality to allow one to keep one's ssh keys on a Java ring.
I've cobbled together enough code fragments to probably allow it to
fake the desired effect by using a wrapper for gpg along with
--passphrase-fd option (and obviously tracking passphrases in keymgr),
but it's something of a suboptimal solution.
----- End forwarded message -----
Werner Koch OpenPGP key 621CC013
OpenIT GmbH tel +49 211 239577-0
Birkenstr. 12 email wk at OpenIT.de
D-40233 Duesseldorf http://www.OpenIT.de
More information about the Gnupg-devel