GNOME Bugzilla – Bug 743698
gpg-cache-method incorrectly being set to "always"
Last modified: 2021-06-18 10:39:58 UTC
When a PGP key password is marked to be remembered while logged in, the org.gnome.crypto.cache gpg-cache-method setting (global) is set to "always". To recover a timeout behavior, the setting must be set to "timeout" through dconf-editor and the password must be changed to invalidate the cache. Steps to reproduce: - Go to dconf-editor and set gpg-cache-method to "timeout" - decrypt a file: gpg2 -d testfile.gpg and choose "Automatically unlock this key, whenever I'm logged in" - Go again to dconf-editor and observe gpg-cache-method has changed to "always" !!. Change to "timeout" and gpg-cache-ttl to 3 seconds - Try gpg2 -d testfile.gpg. Observe it works without asking for password even after 3 seconds. - Go to seahorse and change the password for the PGP key. - Try gpg2 -d testfile.gpg. Observe it asks now for the password because the cached one is invalid.
Fixed on commit https://git.gnome.org/browse/gnome-keyring/commit/?id=abf3473a9a14784a76911ef35c0916d462d55402
GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org. As part of that, we are mass-closing older open tickets in bugzilla.gnome.org which have not seen updates for a longer time (resources are unfortunately quite limited so not every ticket can get handled). If you can still reproduce the situation described in this ticket in a recent and supported software version, then please follow https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines and create a new ticket at https://gitlab.gnome.org/GNOME/gnome-keyring/-/issues/ Thank you for your understanding and your help.