Stumped and need some help with agent

Werner Koch wk at
Mon Jun 18 11:09:12 CEST 2012

On Mon, 18 Jun 2012 02:43, papillion at said:

> Let me ask this: are there any major security implications (aside from
> sacrificing the security of pinentry) to hacking gpg2 to not use agent?

You simply can't use gpg2 without gpg-agent.  It is a part of GnuPG and
required.  Yes, these changes are permanent.  gpg-agent is designed to
take care of all private key operations.  Thus gpg and gpgsm only need
to care about public key and the per messages session keys.
Modularizing a system in this way is much safer; it is similar to what
you do with a smartcard or a HSM.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list