gpg-agent automatically use passphrase for signing subkey?

Ingo Klöcker kloecker at
Sat Jul 23 16:30:18 CEST 2011

On Friday 22 July 2011, Charly Avital wrote:
> Chris Poole
> <CAF=P9QBCMFqKvv_49a5NySoSWZkh2Ka_Kjo5WJY2onM6Yhs04w at>
> wrote on 7/22/11 10:38:39 AM:
> > On Thu, Jul 21, 2011 at 5:30 PM, Charly Avital <shavital at> 
> >> When your passphrase has been cached for each of those *actions*,
> >> it will remain in gpg-agent's "memory" for the duration of the
> >> cache set in your home directory ~/.gnupg/gpg-agent.conf
> > 
> > That's a shame, but thanks.
> Shame?
> I find it very convenient.

You think it's convenient that you have to enter the same passphrase 
twice, once when you want to sign something and then again when you want 
to decrypt something?

There are surely use cases for this, but for someone like me who is 
using gpg on a computer (resp. account) nobody else has (physical) 
access to it's just an annoyance (albeit a minor one).

There is already the option --ignore-cache-for-signing (curiously the 
corresponding option for decryption is missing, i.e. it's not possible 
to use the cache for signing but not for decryption), so why not add 
another option like --share-signing-and-decryption-cache? (I guess, if I 
really wanted this I should provide a patch. :-) )

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110723/0ac50ef2/attachment-0001.pgp>

More information about the Gnupg-users mailing list