Stumped and need some help with agent
wk at gnupg.org
Mon Jun 18 11:09:12 CEST 2012
On Mon, 18 Jun 2012 02:43, papillion at gmail.com said:
> Let me ask this: are there any major security implications (aside from
> sacrificing the security of pinentry) to hacking gpg2 to not use agent?
You simply can't use gpg2 without gpg-agent. It is a part of GnuPG and
required. Yes, these changes are permanent. gpg-agent is designed to
take care of all private key operations. Thus gpg and gpgsm only need
to care about public key and the per messages session keys.
Modularizing a system in this way is much safer; it is similar to what
you do with a smartcard or a HSM.
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users