[Gpg4win-users-en] Problem caching passphrase?
Werner Koch
wk at gnupg.org
Thu Feb 4 08:45:23 CET 2010
On Mon, 1 Feb 2010 21:47, chd at chud.net said:
> My problem is that gpg-agent (I assume) appears to want to cache my
Right, that is one of gpg-agent's tasks.
> once I was able to locate gpg-agent.conf I saw that it also reflected
> the new values), but I still get prompted for my passphrase more often
> than I should.
There is a second limit built into the cache. From the man page:
--default-cache-ttl n
Set the time a cache entry is valid to n seconds. The
default are 600 seconds.
--max-cache-ttl n
Set the maximum time a cache entry is valid to n seconds.
After this time a cache entry will get expired even if it
has been accessed recently. The default are 2 hours (7200
seconds).
Thus you will get a prompt after 2 hours unless you change that limit.
To change that limit using a GUI you need to use GPA: Use the backend
preferences menu option and switch to expert mode using the selection
box in the upper right. This shows the max-cache-ttl entry.
Another reason why you might see more prompts that expected is due to
the cache working on a per-key base. Now an OpenPGP certificate usually
has two keys: One for signing and one for encryption. Although pretty
rare, they might have different passphrases and thus gpg-agent needs to
cache them individually.
If you change certain options the gpg-agent's cache is flushed.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gpg4win-users-en
mailing list