Hi Guys,
Thanks for the response. I had been doing a lot more reading since posting this
query and came across gpg-agent. I think that's a nice option. I've been having
fun since then building the latest libgcrypt and gnupg 2.0.21 stable build,
because while Ubuntu includes the 2.0.21 package, it's broken against the new
version of libgcrypt (Ubuntu's libgcrypt is from 2011).
So I now have gpg-agent running and I'll try that out as it can cache my
passphrase which will help considerably.
I also like the other option Mr Pentchev provided, and will try that out if I
can successfully finish the script I'm writing to randomise it enough for my
satisfaction :P
With shuf I can get random bits from those 100,000+ files, taken from random
directories and random files each time, the issue is of course for decryption I
would have to store that passphrase the script creates somewhere to enable it
to be pulled for decryption before re-encrypting it with another random
passphrase.
But I could definitely store that in a gpg file that's signed and encrypted
against my key, that I decrypt once per session or however long gpg-agent
caches my passphrase for.
Is that something that I can configure on the command line for gpg-agent or the
options file?
Regards,
Peter
________________________________
From: Peter Lebbing <[email protected]>
To: Peter Pentchev <[email protected]>
Cc: mightymouse2045 <[email protected]>; [email protected]
Sent: Thursday, 3 October 2013 8:09 PM
Subject: Re: GPG2 encryption options
On 03/10/13 13:35, Peter Pentchev wrote:
> a smartcard that caches the PIN for a limited
> amount of time
Small detail: this feature is not working in the current stable versions. GnuPG
2.1 will support this.
I use the following script to make the card forget its PIN:
----------8<------------------------------------>8----------
#!/bin/sh
gpg-connect-agent 'SCD RESET' /bye
----------8<------------------------------------>8----------
I created this based on a message of Werner Koch to this list. Earlier, I killed
the scdaemon.
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter
>
_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
