Where to save passphrases?
Peter Lebbing
peter at digitalbrains.com
Sat Jul 26 13:40:25 CEST 2014
On 26/07/14 12:41, Heinz Diehl wrote:
> Only you can answer this question, because the answer depends entirely on
> your thread model.
I completely agree.
> Are there others which have physical access to your machine?
If an attacker has physical access, you've lost; game over.
> Is there swapspac which the passphrase could be dumped into?
I highly suspect gpg-agent marks memory pages with key material as non-swappable.
By the way, I think passphrase caching in gpg-agent is a rather common deployment.
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users
mailing list