[pkg-gnupg-maint] Bug#840669: Bug#840669: Bug#840669: Beware of leftover gpg-agent processes
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Oct 14 19:47:20 UTC 2016
On Fri 2016-10-14 15:18:40 -0400, Werner Koch wrote:
> On Fri, 14 Oct 2016 19:17, ijackson at chiark.greenend.org.uk said:
>
>> authorisations, if the user types in a passphrase) have a lifetime
>> limited by that of the gpg process which started the agent.
>
> In a new temp directory do:
>
> GNUPGHOME=$(pwd) gpg-agent --daemon gpg .....
>
> Or whatever you want to run under gpg-agent's control. This has been
> there for ages.
fwiw, this doesn't work (and actually returns an error) if there is
already a gpg-agent running in that $GNUPGHOME:
0 dkg at alice:/tmp/cdtemp.ofhjoX$ export GNUPGHOME=$(pwd)
0 dkg at alice:/tmp/cdtemp.ofhjoX$ gpg-connect-agent /bye
gpg-connect-agent: no running gpg-agent - starting '/usr/bin/gpg-agent'
gpg-connect-agent: waiting for the agent to come up ... (5s)
gpg-connect-agent: connection to agent established.
2 dkg at alice:/tmp/cdtemp.ofhjoX$ ls
private-keys-v1.d S.gpg-agent S.gpg-agent.rstrd trustdb.gpg
pubring.kbx S.gpg-agent.brwsr S.gpg-agent.ssh
0 dkg at alice:/tmp/cdtemp.ofhjoX$ gpg-agent --daemon ls
gpg-agent: a gpg-agent is already running - not starting a new one
2 dkg at alice:/tmp/cdtemp.ofhjoX$
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 930 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20161014/ac58a73c/attachment.sig>
More information about the pkg-gnupg-maint
mailing list