Public bug reported:

I've been using the program `Pass` to manage my passwords, which uses a
PGP key that I created for this purpose. I began noticing that after my
first use of the passphrase gnome-keyring would cache the passphrase and
no longer request it. This is a security issue as anyone with access to
my machine can gain access to all of my passwords.

I assumed the settings could be tweaked, so I used `dconf-editor` to
edit the `gpg-cache-method` file to use `timeout` instead of the default
setting. I also changed the `gpg-cache-ttl` to 1 second from the
default, which was 300 I believe. I then restarted the keyring with `$
gnome-keyring-daemon -r`.

This successfully reset the keyring and I was prompted for my password.
However, it only worked once. After entering the password, gnome-keyring
cached my password and this survives logging out or restarting the

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: gnome-keyring
ProcVersionSignature: Ubuntu 4.15.0-30.32-generic 4.15.18
Uname: Linux 4.15.0-30-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Sat Aug 11 07:38:49 2018
InstallationDate: Installed on 2018-04-26 (106 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180425.1)
 PATH=(custom, no user)
SourcePackage: gnome-keyring
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: gnome-keyring (Ubuntu)
     Importance: Undecided
         Status: New

** Tags: amd64 apport-bug bionic gnome-keyring

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

  gnome-keyring caches PGP password eternally

To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to