56
14
GnuPG can, with gpg-agent
, cache access to a private key. How can I keep that cache active for the entire user session?
When I unlock the key for gpg-agent
, it only stays cached for a limited time. With SSH's agent, I enter the passphrase one time and it stays cached for the whole session. I want the same behaviour from gpg-agent
.
So, ssh-agent
doesn't suffer from a limited cache lifetime. But gpg-agent
limits the cache lifetime, at least by default. How can I eliminate the limit on cache time from gpg-agent
?
Please note that in latests versions (at least gnupg 2.1), the
– Pablo Olmos de Aguilera C. – 2014-12-27T19:12:47.887maximum-cache-ttl
option doesn't exist. To see the correct options, see the official documentation: https://www.gnupg.org/documentation/manuals/gnupg/Agent-Options.html#Agent-Options4At least in GnuPG 2.1 the default for
default-cache-ttl
is 600 seconds (10 minutes), not two hours. – jlh – 2017-10-03T09:30:24.587@jlh Looking at the man pages for different versions of
gpg-agent
, the correct value seems to be 10 minutes for all releases. I edited the answer, thank you for pointing this out. – Jens Erat – 2017-10-05T10:32:42.3401What can the reason be that my GPG4Win asks every 10 minutes even that my settings are set to the samples above?
max-cache-ttl 34560000
– Ben – 2018-12-17T17:34:56.940This sounds like you used the wrong file for setting up the value. I'm sorry I'm not deep enough into Windows to immediately being able to tell you how to best debug this, but I'd start with setting the
log-file
option -- if nothing is logged to that file, you're indeed probably using the wrong file. – Jens Erat – 2018-12-17T21:54:15.773@Ben I think I found the answer to this. You have to put the
gpg-agent.conf
file at$env:AppData\gnupg
I did this and it all seems to be working the way I want... – CubanX – 2019-04-23T14:00:33.770
@CubanX already have this, but this wont work for me... – Ben – 2019-04-24T11:30:29.473
Ugh, sorry @Ben. It has worked for everyone that has tried it in our office...
I wonder what is different about your set up? – CubanX – 2019-04-30T14:15:48.647
Is this a “you can't do what you're asking” response? It's not clear, since you're talking about limiting the session length or limiting caching time. I want exactly the opposite of that: no arbitrary limit on the cache time or session length. – bignose – 2013-07-29T00:58:48.620
Kind of that, you can only workaround by setting a rather huge ttl. Set it to a year or so and you should be fine - but need to end the session by restarting
gpg-agent
. – Jens Erat – 2013-07-29T08:12:17.240