Don't remember PGP passphrase until end of session

Question

To use my PGP key I always have to enter my passphrase. But as it happens, I have to unlock the key only once for every session. The desired behaviour would be, that I have to unlock the key each time I want to use it so the passphrase is not remembered for the whole session.

The dialog for entering the passphrase provides a checkbox "Automatically unlock this key, whenever I'm logged in" but that is also not what I want. I recall this dialog in older versions of Ubuntu providing more options, like this:

enter image description here

But these options are never provided to me. So how can I configure Seahorse/GPG/Ubuntu to always locking the key after usage?

Searching for "cache gpg" would have helped you find existing answers. — Jonas Malaco, Aug 15 '14 at 10:56

score 3 · Accepted Answer · edited Apr 13 '17 at 12:24

3

Settings for Seahorse are in 'gsettings': gpg-cache-method and gpg-cache-ttl. Answered here.

If you preffer, you could also have 'gpg-agent' manage the keys, check this.

edited Apr 13 '17 at 12:24

Community

1

answered Aug 15 '14 at 10:52

Jonas Malaco

1,453
1
13
15

score 1 · Answer 2 · answered Aug 14 '14 at 14:56

This can be configured by editing ~/.gnupg/gpg-agent.conf. Two options are of interest, default-cache-ttl is the time after using the key until it gets locked, max-cache-ttl is the time after unlocking the key.

man gpg-agent does not describe whether a max-cache-ttl value of 0 disables caching completely (as it invalidates instantly) or disables invalidation, but you will be able to realize easily. If not, think about setting it to 1 (seconds).

max-cache-ttl 0

I fear this approach doesn't work since I'm using Seahorse for key management. — Mouagip, Aug 14 '14 at 15:07

Don't remember PGP passphrase until end of session

2 Answers2