mutt/GPG

[prev] [thread] [next] [lurker] [Date index for 2005/04/02]

From: Abigail
Subject: mutt/GPG
Date: 02:08 on 02 Apr 2005
--GvXjxJ+pjyke8COw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline


So, I have GPG installed. And I use mutt, which can deal with GPG.
By default, it will sign your mail. To do so, it needs your private
key - which is protected by a passphrase. So, if it needs the private
key, it will ask for the passphrase. And to avoid having to type the
passphrase over and over again, it will remember your passphrase,
until you either quit mutt, or a timeout happens.


Sounds useful, this caching of the passphrase, doesn't it?


It is. Until you mistype your passphrase. GPG will refuse to unlock
the private key (rightly so), but oh, so helpful mutt, it will remember
the passphrase you typed in. So GPG will fail. Again, and again, and
again. You'll have to quit mutt and restart it to get out this state
(or wait for a timeout). And if there's a keystroke to invalidate the
cache, they've managed to hide what the keystroke is.



Abigail

--GvXjxJ+pjyke8COw
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCTfCEBOh7Ggo6rasRAuSwAKDFYu2AwreMqGK6TbjyGngpAhazPQCeKf3A
Iiy00eOITdFnhn/wuRaXazA=
=oObu
-----END PGP SIGNATURE-----

--GvXjxJ+pjyke8COw--

Generated at 11:00 on 07 Apr 2005 by mariachi 0.52