Re: gpg-agent: Different TTLs for different keys
I had a workaround in mind that involved using multiple homedirs (one in ~/.gnupg and the other in ~/.backup-system2/crypto/gnupg) and then spinning up one gpg-agent for each, using the first one's GPG_AGENT_INFO in the normal shells and the other in the backup scripts only. To get the passphrase cached the first time, I'd steal this page from Gentoo's keychain script: # The alternate GPG_AGENT_INFO and GNUPGHOME have already been imported echo | gpg --use-agent --no-tty --sign --local-user backup \ -o - >/dev/null 2>&1 I'll be working on that. In the meantime, it would be kind of a nice option, and I don't think it's quite as complex as the issue you mentioned (though I could be wrong). Thanks PSM Werner Koch wrote: > On Wed, 14 Mar 2007 15:09, [EMAIL PROTECTED] said: > >> I want to set gpg-agent to handle both, but the TTL on the e-mail key >> should be 5 minutes and the TTL on the backup key should be indefinite >> (I should only have to enter it every time I boot). Is there a way to >> do this? > > No. Or not yet. It is related to https://bugs.g10code.com/gnupg/issue672. > > > > Shalom-Salam, > >Werner > signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg-agent: Different TTLs for different keys
On Wed, 14 Mar 2007 15:09, [EMAIL PROTECTED] said: > I want to set gpg-agent to handle both, but the TTL on the e-mail key > should be 5 minutes and the TTL on the backup key should be indefinite > (I should only have to enter it every time I boot). Is there a way to > do this? No. Or not yet. It is related to https://bugs.g10code.com/gnupg/issue672. Shalom-Salam, Werner ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
gpg-agent: Different TTLs for different keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 In the stupid gpg-agent tricks department: Say I have two signing keys. One of them signs e-mails and one of them is used by an automated backup process; admittedly not as trustworthy (which is why I don't want to use my e-mail key) but better than nothing if my access control holds up otherwise. I want to set gpg-agent to handle both, but the TTL on the e-mail key should be 5 minutes and the TTL on the backup key should be indefinite (I should only have to enter it every time I boot). Is there a way to do this? Thanks PSM -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF+AILei6R+3iF2vwRCmBxAKCmd1MZfmVmC/4wEuV4QFNxgXxyJQCghnIM zkuPXK7azzq5OVXQkgSH0t8= =K1xt -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users