How can I adjust the default passphrase caching duration for GPG/PGP/SSH keys?

  • Launch dconf-editor.
  • Navigate to desktop - gnome - crypto - cache.
  • Change gpg-cache-method to idle or timeout.
  • Change gpg-cache-ttl to the number of seconds you want the passphrase to be cached.
  • Restart the gnome-keyring daemon: $ gnome-keyring-daemon -r

idle means that the timer is reset each time you use the key before timeout is reached. timeout means that simply the time elapsed since entering the passphrase is considered.

This only works for GPG-keys. Passphrases for SSH-keys are still cached until the end of the session. IMHO this is a bug.
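
The difference between idle and timeout, as an added example that is not part of the original answer and not gnome-keyring's code: a small shell model of the two modes as described above, using constructed timestamps and the hypothetical function names cache_expiry and exposure_seconds. It shows that under idle, regular use keeps the passphrase cached well past gpg-cache-ttl.

```shell
#!/bin/sh
# Model of the two gpg-cache-method modes as the answer describes them.
# Not gnome-keyring code; all times are constructed sample values in seconds.

# cache_expiry METHOD TTL ENTERED [USE_TIME ...]
# Prints the second at which the cached passphrase is dropped.
# USE_TIME values must be ascending: the moments the key is used.
cache_expiry() {
    method=$1 ttl=$2 entered=$3
    shift 3
    deadline=$((entered + ttl))
    case $method in
        timeout)
            # Only the time since the passphrase was entered counts.
            ;;
        idle)
            # Every use before the deadline restarts the timer.
            # Assumption: a use exactly at the deadline is already too late.
            for use in "$@"; do
                [ "$use" -lt "$deadline" ] || break
                deadline=$((use + ttl))
            done
            ;;
        *)
            echo "unsupported method: $method" >&2
            return 2
            ;;
    esac
    echo "$deadline"
}

# exposure_seconds METHOD TTL ENTERED [USE_TIME ...]
# How long the passphrase stayed cached after it was typed.
exposure_seconds() {
    expiry=$(cache_expiry "$@") || return
    echo $((expiry - $3))
}

# Constructed scenario: passphrase typed at t=0, ttl of 300 s, key used
# every 4 minutes for 20 minutes, then once more at t=2000.
uses="240 480 720 960 1200 2000"
for m in timeout idle; do
    # Word splitting of $uses is intended here.
    echo "$m: cached for $(exposure_seconds "$m" 300 0 $uses) s"
done
```

With the same 300 second ttl, the model reports 300 s of exposure for timeout and 1500 s for idle, so timeout is the mode that gives a hard upper bound.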

Author: Karl Frisk

Updated on September 18, 2022

Comments

  • Karl Frisk
    Karl Frisk over 1 year

    As far as I know, gnome-keyring-daemon caches passphrases for keys by default until I log out. I would like to set the default to something like "cache for 10 minutes". How can I do that in Ubuntu 12.04 Precise?

    Thanks a lot!

    • Admin
      Admin over 10 years
      I found related options in 'gsettings' under 'org.gnome.crypto.cache'. Unfortunately these do not seem to have any effect. Probably this is due to this bug, for which the fixes apparently were never merged to Ubuntu (bugzilla.gnome.org/show_bug.cgi?id=681081).
    • Admin
      Admin over 10 years
      OK, the last comment is only true for SSH-keys. For GPG the settings work as expected.
  • Uwe Heim
    Uwe Heim almost 7 years
    I did what you suggested and it made no difference. The system remembers the passphrase regardless and decryption follows. This is a serious security issue. I am surprised nobody has raised a red flag.
  • Linter
    Linter over 5 years
    I'm struggling with this problem under Ubuntu 18.03. I used dconf-editor to change to timeout and use 1 second. I reset the keyring and immediately after I had to use the password for my PGP key. However, once entered, the password gets cached again. It survives a reboot/logout. Very frustrating!
  • Flux
    Flux about 3 years
    If not mistaken, the command line equivalent is: gsettings set org.gnome.crypto.cache gpg-cache-method 'timeout', gsettings set org.gnome.crypto.cache gpg-cache-ttl 300, gnome-keyring-daemon -r.