how to suppress warning about gpg-agent?

Alex Efros powerman at powerman.name
Mon Mar 8 13:22:28 CET 2010


Hi!

On Mon, Mar 08, 2010 at 01:06:06PM +0100, Werner Koch wrote:
> FWIW, You should use public key encryption instead of symmetric only
> encryption.  This makes everything much easier.

I don't think so. Every project encrypt it backups with different
passwords (needed for security), and right now I can keep just several
dozens of passwords, but with public keys I'll need to keep several dozens
of .gnupg directories instead, which is harder to manage.

> A littel warning: gpg-agent is is a cornerstone of GnuPG-2.  You can't
> do much without it.  Today gpg2 might be usable without a running
> gpg-agent but with the current branch this will change: All secret key
> operations are then diverted to the agent.

I know. Right now it run gpg-agent in server mode and talk to it STDIN -
that's ok for my needs. I don't try to avoid running gpg-agent, I just
wanna suppress warning.

> In your case the agent is required to return the S2K count.  This values
> is computed only once because it takes some time can can't be done for
> each invcation.  To avoid this you may try option "--s2k-count N".  You
> can get a suitable value for N on your machine by running the command
> 
>   gpg-connect-agent 'getinfo s2k_count' /bye

Wow, it works! With this parameter gpg doesn't output that warning
anymore (and doesn't try to start gpg-agent).

I wonder what is physical sense of this number? Is it safe to hardcode one
number for all user accounts on same server (many servers)?

P.S. But I still think much more clear solution is just add option to
suppress warning message and let gpg start own copy of gpg-agent when it
need it.

-- 
			WBR, Alex.



More information about the Gnupg-users mailing list