Summary: | Save GPG passphrases to a file | ||
---|---|---|---|
Product: | [Applications] kmail | Reporter: | Rocco Stanzione <grasshopper> |
Component: | general | Assignee: | kdepim bugs <kdepim-bugs> |
Status: | RESOLVED INTENTIONAL | ||
Severity: | wishlist | CC: | daniel.moyne |
Priority: | NOR | ||
Version: | 1.5 | ||
Target Milestone: | --- | ||
Platform: | Mandrake RPMs | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: |
Description
Rocco Stanzione
2003-05-09 17:45:12 UTC
I don't think this will be implemented in the form you are asking. Reason 1: it's a big security risk to write the password to disk. You lose the security you had gained by using GPG in the first place. Reason 2: an external password-saving database is being implemented to KDE and may (I repeat, *may*) be ready for KDE 3.2. You unlock your passwords once and other passwords will be saved to disk, in a secure way. Reason 3: if you want this feature at this moment, use the gpg-agent and set the password-expiration time to a very high value, like a day or so. It'll still be saved in memory, but it will be in another program (gpg-agent) rather than in kmail. More information on how to set up, http://kmail.kde.org/. I'm closing this bug report on those arguments. Subject: Re: New: Save GPG passphrases to a file
On Friday 09 May 2003 17:45, Rocco Stanzione wrote:
> ps. Of course it doesn't necessarily need to be saved as plain text
KMail is Open Source so it doesn't matter whether the passphrase is
saved as plain text or not. Anyone who knows a little bit C will be
able to retrieve your passphrase from the saved one. If you don't want
to enter a complicated passphrase then change it to a short one. Even a
short passphrase will give you more protection than a passphrase which
is saved in a file.
Is the problem of pass phase eventually solved with kmail as I still cannot send any signed messages other wise I have an error mesaage that pops-up and says : Failure of signature Bad passphrase Regards. > Is the problem of pass phase eventually solved with kmail as I still cannot send any signed messages other wise I have an error mesaage that pops-up and says :
> Failure of signature
> Bad passphrase
This is probably unrelated to this bug report. The "Bad passphrase" error occurs when gpg-agent is not properly running, you should file a bug report to your distribution.
but gpg-agent the same one works fine with Kmail of KDE-3 on the same machine ! Regards For me it turned out that pinentry-qt4 did not work with gpg-agent and made it impossible to sign or decrypt with kmail. Fix: Change the link /etc/alternatives/pinentry so that it points to, for instance, pinentry-gtk-2 or whatever you have installed. Check: ls /usr/bin/pinentry* |