Having fun with gpg...
Mar. 27th, 2015 10:41 pm
Back in January, I wrote about the maddening behavior of gpg on my Ubuntu laptop. Just recently, on the Windows machine I use for work, I started getting notifications from Thunderbird that I had better upgrade my gpg from 1.4-something to 2.0-something if I wanted to continue to use the Enigmail add-in.
So, I duly downloaded version 2.0.22 and found that, apparently, new (2.0 and later) versions of gpg now universally employ a mechanism by which a separate piece of software is used to prompt for and receive the user's passphrase. This "feature" annoyed the heck out of me until I did a little digging, because while I can see the utility in having to bug the user only once for a passphrase and then caching it for use again later, this approach basically means you can't really leave your machine unattended in areas where there may be other people about. (And even attended, what happens if someone does a grab-and-run with your laptop while you're sipping a latté at Starbucks?)
And the result of all my googling was finding out there is a configuration file for gpg (called gpg-agent.conf) that contains a setting that specifies the number of seconds a passphrase is cached in memory before being discarded, requiring re-entry of the passphrase before gpg will use the associated user key.
The default value is, if memory serves, 300 (five minutes). I changed this setting to 10 (i.e., seconds), as I do not particularly mind typing my passphrase as many times as may be required in the course of a day (which covers work emails, of which there are typically fewer than half a dozen, and an application that uses gpg to help me manage passwords for the ever-expanding list of web sites that require registration, which may not be used at all during a typical day).
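As an added example (not part of the original post), this Python script checks the text of a gpg-agent.conf for the two cache lifetime options: `default-cache-ttl`, the idle timeout that restarts each time the cached passphrase is used, and `max-cache-ttl`, the hard cap on how long an entry may live. The 10 and 60 second limits and the sample file contents are assumptions made for illustration.

```python
# Added example (not from the original post): audit gpg-agent.conf cache lifetimes.
TTL_OPTIONS = ("default-cache-ttl", "max-cache-ttl")


def parse_ttls(conf_text):
    """Return {option: seconds} for the cache TTL options set in conf_text."""
    found = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):  # skip blanks and comment lines
            continue
        fields = line.split()
        if fields[0] in TTL_OPTIONS and len(fields) >= 2 and fields[1].isdigit():
            # Assumption: if an option is repeated, the later line takes effect.
            found[fields[0]] = int(fields[1])
    return found


def audit(conf_text, idle_limit=10, hard_limit=60):
    """Return (option, problem) pairs; the limits are hypothetical policy values."""
    ttls = parse_ttls(conf_text)
    limits = {"default-cache-ttl": idle_limit, "max-cache-ttl": hard_limit}
    findings = []
    for option in TTL_OPTIONS:
        if option not in ttls:
            findings.append((option, "not set, so the agent's built-in default applies"))
        elif ttls[option] > limits[option]:
            findings.append((option, f"{ttls[option]}s exceeds the {limits[option]}s limit"))
    return findings


# Constructed sample files, not taken from any real machine.
IDLE_ONLY = "# constructed sample\ndefault-cache-ttl 10\n"
BOTH_SHORT = "default-cache-ttl 10\nmax-cache-ttl 60\n"
LONG_LIVED = "default-cache-ttl 300\nmax-cache-ttl 7200\n"

if __name__ == "__main__":
    for name, text in [("idle only", IDLE_ONLY), ("both short", BOTH_SHORT),
                       ("long lived", LONG_LIVED)]:
        print(name, audit(text))
```

Because the idle timer restarts on each use, a short `default-cache-ttl` alone does not bound how long a frequently used passphrase stays cached; `max-cache-ttl` does. A running agent picks up an edited file after `gpg-connect-agent reloadagent /bye`.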
* * *
It's getting late, but I had one heck of a nap that I was roused from after 6 pm, so I suspect I may have a wee bit o'trouble fallin' into the arms of Morpheus over the near term.
But still, one must try.