gpg2 does not ask for pass phrase
Henry Hertz Hobbit
hhhobbit at securemecca.net
Thu Apr 11 00:26:23 CEST 2013
On 04/10/2013 03:18 PM, Werner Koch wrote:
> please write to gnupg-users at gnupg.org and not to the webmaster address.
Right now I am not subscribed and haven't been for years. It is
just that this is a serious issue where I had no way that I could
easily find to turn off the nasty behavior of my pass-phrase being
supplied with no questions asked even after a reboot for using my
secret key on OpenSuse 11.4. I am also battling spam that gives
me about 100 to a maximum of a thousand spam messages in my
other email account per day. Sorry about the failed request so I
can post. I am busy! Why OpenSuse 11.4 and Ubuntu 10.04? I have
gone through no less than twelve installs of various Linux distros
and gave up on the iPad like interfaces and went back to something
that gives me four work spaces with two xterms in each. That is
no longer nice. It is MANDATORY!
It is just that all of the advice "out there" is wrong. I don't
know whether you are allowing bots to traverse the old mailings
or not, but DuckDuckGo was NOT finding an answer.. It really
needs to be something that is available some place and the web-site
is authoritative. Since Ubuntu 10.04 doesn't have a PIN entry
panel it is not an issue there.
This URL while safe won't harm you:
It won't help you either. It seems that gpg2 on OpenSuse 11.4 does
NOT use the ~/.gnupg/gpg-agent.conf file even after you uncomment
this line in the ~/.gnupg/gpg.conf file:
Since I do not have an ~/.xinitrc file some of this advice will
kill more than just your GnuPG encryption:
You will never be able to login again! Well, since I also have
a clamav user and clamav group I could login as clamav, su to
to root (sudo su -l root for debianesque) and do a
# rm /home/ME/.xinitrc
Then ^D ^D, logout.
Now I can login. But I still had a problem. My GnuPG
pass-phrase was still being supplied with no questions asked.
I didn't notice or change anything in the pinentry panel which
I was able to use only the first time. Ever since then the
pass-phrase was magically supplied and there was no way for
me to set it to ask for it in the man pages or elsewhere because
the pinentry panel never appeared again.
Here is how you get it to ask for your GnuPG pass-phrase again
(and it is at that second URL):
echo "test" | gpg -ase -r 0xMYKEYID | gpg
But you do NOT have to do anything other than that. Make sure
you set it to something reasonable like ask for it every time
or a time-out before asking for it again. Never ask for the
GnuPG pass-phrase ever again? Sheesh! I may understand that
on a smart-phone but not a desk-top system.
More information about the Gnupg-users