gpg encryption not asking for password

gpg -o message.gpg -e -r adress@mail.org message.txt
shred message.txt
gpg -o message.txt --decrypt message.gpg

After entering the password once, it doesn’t ask for the password again. This is a security risk.

How do I make gpg (gpg2) ask for the password every time?

It uses “gpg-agent” to handle the details. So “gpg-agent” is remembering the passphrase.

You can set a time limit in “.gnupg/gpg-agent.conf”, with lines for “default-cache-ttl” and “max-cache-ttl”.

Use:

man gpg-agent

for details.

.gnupg/gpg-agent.conf

This file doesn’t exist. ??

gpg.conf
gpa.conf
trustdb.gpg

You can create that file with a text editor. I think that’s where mine came from.

Use the man page for hints. Where the man page mentions “--default-cache-ttl” you just omit the starting “--” and enter the keyword and value starting at the left margin.

default-cache-ttl 0 

This works. I was able to do that command set three times in a row (encrypt, shred, decryption). I’ll post again if I see any problems that might come with autologin.

Thanks. 🙂

How do I delete the password cache?

It is in memory. It is not on disk. And I’m pretty sure that it is locked in memory (not allowed to be paged out, so won’t ever be copied to disk). The entries should be deleted when their ttl expires or when you shut down or reboot (whichever happens first).

Since you have set a short ttl, I don’t see any reason for concern.

Thanks. That will help my skills.
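
Added example (not written by anyone in the thread): a shell function that writes the two cache limits mentioned above into gpg-agent.conf without leaving duplicate lines, then stops the running agent so passphrases already held in memory are dropped. The function name set_agent_ttl is hypothetical; the restart step assumes gpgconf is on PATH and is skipped otherwise.

```shell
#!/bin/sh
# Added example: idempotently set gpg-agent passphrase cache limits.
# set_agent_ttl is a hypothetical helper; GNUPGHOME defaults to ~/.gnupg.
# Usage: set_agent_ttl 0 0    (never reuse a cached passphrase)

set_agent_ttl() {
    # $1 = default-cache-ttl in seconds (timer restarts on each use of the key)
    # $2 = max-cache-ttl in seconds (hard upper limit, even if recently used)
    home="${GNUPGHOME:-$HOME/.gnupg}"
    conf="$home/gpg-agent.conf"

    for v in "$1" "$2"; do
        case "$v" in
            ''|*[!0-9]*)
                echo "ttl values must be non-negative integers" >&2
                return 2 ;;
        esac
    done

    # The file does not exist by default, so create it with private modes.
    mkdir -p "$home" && chmod 700 "$home" || return 1
    touch "$conf" && chmod 600 "$conf" || return 1

    # Remove earlier values of these two options only. The trailing
    # whitespace in the pattern leaves default-cache-ttl-ssh untouched.
    tmp="$conf.tmp.$$"
    sed -E '/^[[:space:]]*(default-cache-ttl|max-cache-ttl)[[:space:]]/d' \
        "$conf" > "$tmp" || return 1
    printf 'default-cache-ttl %s\nmax-cache-ttl %s\n' "$1" "$2" >> "$tmp"
    mv "$tmp" "$conf" && chmod 600 "$conf" || return 1

    # Stop the agent: it restarts on demand, reads the new file, and any
    # passphrase it was caching in memory is gone.
    if command -v gpgconf >/dev/null 2>&1; then
        gpgconf --kill gpg-agent || true
    fi
}
```

After running it, the decrypt command from the first post should prompt for the passphrase again.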