Older gpg version does not ask for passphrase

Dashamir Hoxha dashohoxha at gmail.com
Mon Jun 6 22:50:57 CEST 2016


On Mon, Jun 6, 2016 at 8:09 PM, Matthias Nick <me at matthias-nick.de> wrote:
>
> Am I doing anything wrong or maybe misunderstanding something? My
> understanding is that passphrases are meant for a situation where
> someone gets their hands on my private key and this behaviour seems to
> defy the purpose.
>

If your environment is unsafe and you don't trust it, then you should
authorize
the private key each time that it is used. If you are in a safe environment
and
you trust it, you don't need to authorize the key each time you use it.
I think that the latest versions of GnuPG are taking a more conservative
approach, by not trusting the environment, so you have to give the
passphrase
more often.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160606/8251724b/attachment-0001.html>


More information about the Gnupg-users mailing list