You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
--symmetric [...] gpg caches the passphrase used for symmetric encryption so that a decrypt operation may not require that the user needs to enter the passphrase. The option --no-symkey-cache can be used to disable this feature.
Is it just me, or is that a rather ridiculous default? Meaning, that by default anyone with access to the shell can decrypt the file without knowing the passphrase while the password is still in cache from the encryption process.
Can be "fixed" by adding --no-symkey-cache
The text was updated successfully, but these errors were encountered:
From the docs
Is it just me, or is that a rather ridiculous default? Meaning, that by default anyone with access to the shell can decrypt the file without knowing the passphrase while the password is still in cache from the encryption process.
Can be "fixed" by adding
--no-symkey-cache
The text was updated successfully, but these errors were encountered: