gpg-agent: Different TTLs for different keys
Peter S. May
me at psmay.com
Wed Mar 14 19:03:06 CET 2007
I had a workaround in mind that involved using multiple homedirs (one in
~/.gnupg and the other in ~/.backup-system2/crypto/gnupg) and then
spinning up one gpg-agent for each, using the first one's GPG_AGENT_INFO
in the normal shells and the other in the backup scripts only. To get
the passphrase cached the first time, I'd steal this page from Gentoo's
keychain script:
# The alternate GPG_AGENT_INFO and GNUPGHOME have already been imported
echo | gpg --use-agent --no-tty --sign --local-user backup \
-o - >/dev/null 2>&1
I'll be working on that.
In the meantime, it would be kind of a nice option, and I don't think
it's quite as complex as the issue you mentioned (though I could be wrong).
Thanks
PSM
Werner Koch wrote:
> On Wed, 14 Mar 2007 15:09, me at psmay.com said:
>
>> I want to set gpg-agent to handle both, but the TTL on the e-mail key
>> should be 5 minutes and the TTL on the backup key should be indefinite
>> (I should only have to enter it every time I boot). Is there a way to
>> do this?
>
> No. Or not yet. It is related to https://bugs.g10code.com/gnupg/issue672.
>
>
>
> Shalom-Salam,
>
> Werner
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20070314/aef69d97/attachment.pgp
More information about the Gnupg-users
mailing list