Where to save passphrases?
2014-667rhzu3dc-lists-groups at riseup.net
Sat Jul 26 15:23:36 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
On Saturday 26 July 2014 at 9:19:52 AM, in
<mid:CAPJdnyKaWgW6-ewWvwtbkTtcOscUfh3iQhwfcN0FUNUUXkSmSg at mail.gmail.com>,
Sudhir Khanger wrote:
> Is using some single-sign-on method, like keychain or
> pam, to keep gpg passphrase cached in gpg-agent for the
> length of user session, so that one doesn't have to
> enter gpg key passphrase every time one is sending an
> email, considered a common practice? Or does that again
> fall in risky behavior category?
I would think that caching passphrase, whether for the whole session
or for a set time period, is probably a common practice. Whether it is
"risky" depends on your threat model.
For instance, if you are in an open-plan office, is the risk greater
that you will not always lock your computer when you pop away from
your desk, or that you may be overlooked when typing your passphrase?
MFPA mailto:2014-667rhzu3dc-lists-groups at riseup.net
Take my advice - I don't use it anyway.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users