How do I flush a bad symmetric password from gpg-agent?

Werner Koch wk at
Wed Aug 19 09:20:40 CEST 2009

On Tue, 18 Aug 2009 20:28, dougb at said:

> Today I mis-typed a passphrase for a symmetrically encrypted file and
> was surprised to discover that gpg-agent had stored the bad passphrase
> and would not let me access the file. I have occasionally in the past

This is a new and probably not too well tested feature.  I'll check whey
this is going wrong.

> Looking through the man page I don't see any way to flush the bad
> password from the agent. Killing and restarting works of course, but

That is pretty easy: Give the gpg-agent a HUP ("pkill -HUP gpg-agent")
or better use "gpgconf --reload gpg-agent" which basically does the


    This signal flushes all cached passphrases and if the program has
    been started with a configuration file, the configuration file is
    read again.  Only certain options are honored: quiet, verbose,
    debug, debug-all, debug-level, no-grab, pinentry-program,
    default-cache-ttl, max-cache-ttl, ignore-cache-for-signing,
    allow-mark-trusted and disable-scdaemon.  scdaemon-program is also
    supported but due to the current implementation, which calls the
    scdaemon only once, it is not of much use unless you manually kill
    the scdaemon.



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnupg-users mailing list