问题
I am trying to decrypt a file from the server where I have the required public key of that server. The keyring has a password protection and so when I try to decrypt a file, it asks me for a passphrase.
Is there a way to bypass that passphrase by passing the password when we try to decrypt the file.
I am using gpg-agent where the passphrase is cached for 600sec default time and for some reason I am unable to set the max-cache-ttl (It didn't work for me, I don't know y) and is availble only for that session.
Now I want to cache the passphrase for which I am using gpg-preset-passphrase. I set it in .gnupg/gpg-agent.conf as gpg-preset-passphrase --preset hex. I don't know what I am missing in this.
Can someone please let me know what I am missing in this?
回答1:
I am unable to bypass the passphrase or pinentry screen, but I used gpg-agent options like default-cache-ttl to set the cache time. So that from the second attempt, the pinentry is going to retrieve the cached passphrase and will reset the timer on defaul-cache-ttl.
There is one more called max-cache-ttl option, even after the successfull retrieval of cached passphrase and reset of default-cache-ttl, this option doesn't change its timer and expires the cached passphrase after the set timeout.
For ex: If I set both of them for 10hrs (i.e., 36000sec), if I call the decrypt after 5hrs, default is going to reset its timer and now we have 10more hours. But the max is going to expire after the initial 10hours and thus removes the cached passphrase after 10hours.
One more problem I found is, session issue with gpg-agent. i.e., if I open a new session and try to decrypt, it doesn't happen and errors out that gpg-agent is not available for this session. I wrote some shell script and put it on bashrc so that it starts as soon as a new session is started
来源:https://stackoverflow.com/questions/8671099/how-to-bypass-pinentry-passphrase-screen-while-decrypting-a-file-using-gpgme