Page MenuHome GnuPG
Create Task
Maniphest T4449

Configurable timer for having-to-input passphrase via "kleopatra"
Closed, ResolvedPublic
Actions

Description

While sending Mails via Outlook i every 15-30 Minutes have to reenter the long and secure passphrase via "pinetry-qt".
Since my system is protected and locked in absence this might lead to avoidance by:

  1. using a really short & weak password
  2. getting a permanently installed cardreader. In my case it is my office - VM
  3. installing kayboard-macro trickery to bypass entering the passphrase

So i don't even dare to install this software to clients who would run into the same problems of rejecting using kleopatra. Resulting in not using encryption/signing at all.

Details

Version
Kleopatra 3.1.4-gpg4win-3.1.5

Event Timeline

esdee created this task.Apr 5 2019, 8:15 AM
aheinecke closed this task as Resolved.Apr 5 2019, 8:41 AM
aheinecke claimed this task.
aheinecke added a subscriber: aheinecke.

Hi,
if I don't misunderstand you, we already have that:

In Kleopatra or GpgOL's options you can change the cache timeout under "GnuPG System" -> Private Keys -> "Expire cached PINs after N Seconds" and "Set maximum PIN cache lifetime to N seconds".

If you use a high value there you have it so that only after logging out you have to reenter the passphrase.

Or you can write it directly to the config in %APPDATA%/gpg-agent.conf

default-cache-ttl 72000
max-cache-ttl 72000

Does this work for you?

jdrch added a subscriber: jdrch.Jul 14 2022, 6:09 PM
In T4449#124252, @aheinecke wrote:

Or you can write it directly to the config in %APPDATA%/gpg-agent.conf

Just FYI on Kleopatra verson Gpg4win-4.0.2 on Windows 20H2+ this file is located at %APPDATA%\gnupg\gpg-agent.conf