How to prevent passphrase caching in 2.1
Peter Lebbing
peter at digitalbrains.com
Tue Nov 22 11:41:27 CET 2016
On 21/11/16 15:20, Carola Grunwald wrote:
> As for each single decryption task only a defined passphrase is
> allowed to be used it's essential to have caching, which implicates
> the risk of unauthorized passphrase usage, strictly deactivated.
Why do you lump these users together? At a first glance it seems more
logical that they have separate system accounts, or at the least
separate GnuPG homedirs (and hence agents).
They shouldn't even have access to the encrypted private key in the
first place.
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users
mailing list