unlock keychain with pam authentication

SGT. Garcia darwinskernel at gmail.com
Tue Sep 29 17:02:19 CEST 2015


On Tue, Sep 29, 2015 at 03:33:38PM +0100, Andrew Gallagher wrote:
> On 29/09/15 15:28, Daniel Kahn Gillmor wrote:
> > On Tue 2015-09-29 08:53:32 -0400, Andrew Gallagher <andrewg at andrewg.com> wrote:
> >> On 28/09/15 23:16, SGT. Garcia wrote:
> >>> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote:
> >>>>
> >>>> Do you ever import keys that other people
> >>>> send you?  or keys you find on the web?  or keys attached to e-mail
> >>>> messages?  Are you sure the things imported can't include a secret key?
> >>>
> >>> this is the first time i hear about *importing* to be honest. after reading, yes
> >>> just reading, your email a new key was added and on the next run of 'notmuch
> >>> new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds
> >>> in attachments.
> >>
> >> Surely that 'feature' needs removing asap?
> > 
> > I'm surprised to hear that notmuch has this feature, and i haven't seen
> > it happen myself.  I'm one of the people who helped contribute to
> > notmuch's OpenPGP mechanisms.
> > 
> > This sounds like something to be raised on the notmuch mailing list,
> > though.
> 
> I was referring to mutt (allegedly) importing random secret keys that it
> finds attached to arbitrary mails... but yes, a discussion for elsewhere.
> 
> A
> 

mutt indeed; not notmuch. notmuch; well in fact in my setting isync is going to
sync _everything_ with upstream imap repo regardless. my best guess is that it's
mutt that imports the key. i will resend a copy of this to mutt's mailing list.


sgt




More information about the Gnupg-users mailing list