GPG Agent discarding cache before ttl/max ttl
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Oct 16 20:49:50 CEST 2019
On Tue 2019-10-15 22:57:16 +0200, Werner Koch via Gnupg-users wrote:
> If your system has a method to run a script
> on suspend or lid closing it may already do just that. I consider this
> a good idea but we can't do that by default in GnuPG because systems
> differ to much on how to detect a lid closing event or similar. Thus
> there is also no way to avoid it using a GnuPG option.
It would be great to learn what the most common lid-closing events on
popular platforms are, so that gpg-agent can do this cache-flushing
behavior automagically at least for users on those platforms.
On systems with D-Bus, following the freedesktop.org IPC standards, it
looks like the following signal appears on the system bus when the
machine goes to sleep:
destination=(null destination) path=/org/freedesktop/login1; interface=org.freedesktop.login1.Manager; member=PrepareForSleep
Debian systems these days typically use the dbus standard -- and i'd be
happy to try to integrate detection of this signal into the debian
gpg-agent packaging, if anyone wants to propose a way to do it. i'm not
a D-Bus guru by any stretch of the imagination, so i'm not sure what the
right next step is, guidance is definitely welcome.
> On Tue, 15 Oct 2019 09:14, Chip Senkbeil said:
> Its the default anyway
This is the default, but its presence in gpg-agent's configuration file
is also used as a signal in some OSes (debian at least) as for whether
to export an SSH_AUTH_SOCK that points to gpg-agent's ssh-agent
emulation socket. See /etc/X11/Xsession.d/90gpg-agent for more details.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 227 bytes
Desc: not available
More information about the Gnupg-users