Bug 58282 - Save GPG passphrases to a file
Summary: Save GPG passphrases to a file
Status: RESOLVED INTENTIONAL
Alias: None
Product: kmail
Classification: Applications
Component: general
Version: 1.5
Platform: Mandrake RPMs Linux
Importance: NOR wishlist
Target Milestone: ---
Assignee: kdepim bugs
Reported: 2003-05-09 17:45 UTC by Rocco Stanzione
Modified: 2009-01-26 06:36 UTC

Description Rocco Stanzione 2003-05-09 17:45:12 UTC
Version:           1.5 (using KDE 3.1)
Installed from:    Mandrake RPMs
OS:          Linux

I'm requesting a feature to be able to save my GPG passphrase to a file (rather than memory).  I don't keep kmail running all the time, so keeping it in memory doesn't do me a lot of good.  I deliberately chose a real PITA password thinking I wouldn't be needing to type it every time I sent an email.  I brought this up in a couple of forums on IRC and was told it was a security issue.  While that's understandable, there are situations where it's not so much of an issue, and saving it in a file is really no less secure than keeping it in memory.  My private GPG key is saved to a file, after all.  I understand the security concern, so maybe a security warning is in order, but I for one consider my desktop filesystem a secure enough area to be worth the small risk of saving this info to it, in exchange for the significant convenience of not having to type it every time I send an email.

Thanks.

ps.  Of course it doesn't necessarily need to be saved as plain text
Comment 1 Thiago Macieira 2003-05-10 00:24:02 UTC
I don't think this will be implemented in the form you are asking. 
 
Reason 1: it's a big security risk to write the password to disk. You lose the security 
you had gained by using GPG in the first place. 
 
Reason 2: an external password-saving database is being implemented to KDE and 
may (I repeat, *may*) be ready for KDE 3.2. You unlock your passwords once and 
other passwords will be saved to disk, in a secure way. 
 
Reason 3: if you want this feature at this moment, use the gpg-agent and set the 
password-expiration time to a very high value, like a day or so. It'll still be saved in 
memory, but it will be in another program (gpg-agent) rather than in kmail. More 
information on how to set up, http://kmail.kde.org/. 
 
I'm closing this bug report on those arguments. 
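
Added example, not part of the bug thread or of KMail/GnuPG code: a shell helper for the gpg-agent workaround in Reason 3 of Comment 1. It assumes a GnuPG 2.x gpg-agent, where `max-cache-ttl` (default 7200 seconds) caps `default-cache-ttl` (default 600 seconds), so both must be raised; the function names and the one-day value are illustrative.

```shell
#!/bin/sh
# Added example: keep a passphrase cached in gpg-agent (memory only, never on
# disk) for a chosen lifetime by rewriting the two cache-ttl options.
# Typical call (illustrative): set_agent_cache_ttl "$HOME/.gnupg/gpg-agent.conf" 86400

set_agent_cache_ttl() {
    conf=$1
    ttl=$2

    # Accept only a positive whole number of seconds.
    case $ttl in
        ''|*[!0-9]*) echo "ttl must be a whole number of seconds" >&2; return 1 ;;
    esac
    [ "$ttl" -gt 0 ] || { echo "ttl must be greater than 0" >&2; return 1; }

    # The GnuPG home directory should be private to the user.
    mkdir -p -m 700 "$(dirname "$conf")" || return 1

    # mktemp creates the file with mode 0600; build the new config next to the
    # old one so the final mv is an atomic replace.
    tmp=$(mktemp "$conf.XXXXXX") || return 1

    if [ -f "$conf" ]; then
        # Keep every existing option except earlier cache-ttl lines.
        # default-cache-ttl-ssh and friends do not match and are preserved.
        # grep exits 1 when nothing is left to print; only >1 is an error.
        grep -v -E '^[[:space:]]*(default|max)-cache-ttl[[:space:]]' "$conf" > "$tmp" \
            || [ $? -eq 1 ] || { rm -f "$tmp"; return 1; }
    fi

    # default-cache-ttl: lifetime after the last use of the cached passphrase.
    # max-cache-ttl: hard upper limit; if left at its default it would expire
    # the entry after two hours regardless of default-cache-ttl.
    printf 'default-cache-ttl %s\nmax-cache-ttl %s\n' "$ttl" "$ttl" >> "$tmp"

    mv "$tmp" "$conf"
}

reload_agent() {
    # Make a running agent re-read its config; skipped where gpgconf is absent.
    if command -v gpgconf >/dev/null 2>&1; then
        gpgconf --reload gpg-agent
    fi
}
```

The longer the lifetime, the longer any process running as the same user can have the agent use the unlocked key without a prompt, so pick the shortest value that is tolerable.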
Comment 2 Ingo Klöcker 2003-05-11 22:12:06 UTC
Subject: Re:  New: Save GPG passphrases to a file

On Friday 09 May 2003 17:45, Rocco Stanzione wrote:
> ps.  Of course it doesn't necessarily need to be saved as plain text

KMail is Open Source so it doesn't matter whether the passphrase is 
saved as plain text or not. Anyone who knows a little bit of C will be 
able to retrieve your passphrase from the saved one. If you don't want 
to enter a complicated passphrase then change it to a short one. Even a 
short passphrase will give you more protection than a passphrase which 
is saved in a file.

Comment 3 dmoyne 2008-11-30 12:51:04 UTC
Is the problem of passphrase eventually solved with kmail as I still cannot send any signed messages otherwise I have an error message that pops up and says:
Failure of signature
Bad passphrase
Regards.
Comment 4 Thomas McGuire 2008-11-30 14:32:59 UTC
> Is the problem of passphrase eventually solved with kmail as I still cannot send any signed messages otherwise I have an error message that pops up and says:
> Failure of signature
> Bad passphrase

This is probably unrelated to this bug report. The "Bad passphrase" error occurs when gpg-agent is not properly running; you should file a bug report to your distribution.
Comment 5 dmoyne 2008-12-01 00:56:49 UTC
But gpg-agent, the same one, works fine with Kmail of KDE-3 on the same machine!
Regards
Comment 6 Flemming Bjerke 2009-01-26 06:36:34 UTC
For me it turned out that pinentry-qt4 did not work with gpg-agent and made it impossible to sign or decrypt with kmail.
Fix: Change the link /etc/alternatives/pinentry so that it points to, for instance, pinentry-gtk-2 or whatever you have installed. Check: ls /usr/bin/pinentry*