Thunderbird 17.08, Ubuntu 13.10, Enigmail 1.5.2
During setup when importing public and private keys, gpg-agent remembers the password regardless of whether "Use gpg-agent for passphrases" is checked. I am unable to force Enigmail to ask for my password before decrypting or signing messages. Do I need to disable gpg-agent completely from the command line? How would I do so? Is there a setting to require the password for signing and decrypting when gpg-agent is in use? Is there a GUI for gpg-agent?
Gpg-agent is mandatory for GnuPG 2.x; there is no way to disable it. Furthermore, if Enigmail detects a running gpg-agent (which is very common on Linux systems), it will use it.
If you want to disable gpg-agent, you have to switch to GnuPG 1.4.x and make sure that gpg-agent is not started when you log in to your account.
I see...
Thank you for taking the time to answer.
It would be a nice feature request to be able to use gpg-agent but require the password when Thunderbird is first opened, for example.
That's not possible. Enigmail cannot call gpg-agent directly, thus it would require creating a signed message to yourself at startup. Furthermore, gpg-agent remembers the passphrase for each OpenPGP (sub-)key separately. Therefore, if you have several keys (like I do), then that wouldn't work anyway.