Public bug reported: I've been using the program `Pass` to manage my passwords, which uses a PGP key that I created for this purpose. I began noticing that after my first use of the passphrase gnome-keyring would cache the passphrase and no longer request it. This is a security issue as anyone with access to my machine can gain access to all of my passwords.
I assumed the settings could be tweaked, so I used `dconf-editor` to edit the `gpg-cache-method` file to use `timeout` instead of the default setting. I also changed the `gpg-cache-ttl` to 1 second from the default, which was 300 I believe. I then restarted the keyring with `$ gnome-keyring-daemon -r`. This successfully reset the keyring and I was prompted for my password. However, it only worked once. After entering the password, gnome-keyring cached my password and this survives logging out or restarting the computer. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gnome-keyring 3.28.0.2-1ubuntu1.18.04.1 ProcVersionSignature: Ubuntu 4.15.0-30.32-generic 4.15.18 Uname: Linux 4.15.0-30-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.9-0ubuntu7.2 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Sat Aug 11 07:38:49 2018 InstallationDate: Installed on 2018-04-26 (106 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180425.1) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: gnome-keyring (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug bionic gnome-keyring -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1786607 Title: gnome-keyring caches PGP password eternally Status in gnome-keyring package in Ubuntu: New Bug description: I've been using the program `Pass` to manage my passwords, which uses a PGP key that I created for this purpose. I began noticing that after my first use of the passphrase gnome-keyring would cache the passphrase and no longer request it. This is a security issue as anyone with access to my machine can gain access to all of my passwords. I assumed the settings could be tweaked, so I used `dconf-editor` to edit the `gpg-cache-method` file to use `timeout` instead of the default setting. I also changed the `gpg-cache-ttl` to 1 second from the default, which was 300 I believe. I then restarted the keyring with `$ gnome-keyring-daemon -r`. This successfully reset the keyring and I was prompted for my password. However, it only worked once. After entering the password, gnome-keyring cached my password and this survives logging out or restarting the computer. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gnome-keyring 3.28.0.2-1ubuntu1.18.04.1 ProcVersionSignature: Ubuntu 4.15.0-30.32-generic 4.15.18 Uname: Linux 4.15.0-30-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.9-0ubuntu7.2 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Sat Aug 11 07:38:49 2018 InstallationDate: Installed on 2018-04-26 (106 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180425.1) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: gnome-keyring UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1786607/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp