unlock keychain with pam authentication

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Sep 29 16:28:17 CEST 2015

On Tue 2015-09-29 08:53:32 -0400, Andrew Gallagher <andrewg at andrewg.com> wrote:
> On 28/09/15 23:16, SGT. Garcia wrote:
>> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote:
>>> Do you ever import keys that other people
>>> send you?  or keys you find on the web?  or keys attached to e-mail
>>> messages?  Are you sure the things imported can't include a secret key?
>> this is the first time i hear about *importing* to be honest. after reading, yes
>> just reading, your email a new key was added and on the next run of 'notmuch
>> new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds
>> in attachments.
> Surely that 'feature' needs removing asap?

I'm surprised to hear that notmuch has this feature, and i haven't seen
it happen myself.  I'm one of the people who helped contribute to
notmuch's OpenPGP mechanisms.

This sounds like something to be raised on the notmuch mailing list,


More information about the Gnupg-users mailing list