[Bug 1786607] Re: gnome-keyring caches PGP password eternally

Sebastien Bacher seb128 at ubuntu.com
Wed Nov 28 14:43:12 UTC 2018 

Thank you for your bug report, that's similar to what is described on
https://bugzilla.gnome.org/show_bug.cgi?id=792442

gnome-keyring is not acting as a gpg agent anymore, those settings still
available but not used can be confused and it's a bug but the request to
change the default behaviour is for gpg-agent so reassigning

** Bug watch added: GNOME Bug Tracker #792442
   https://bugzilla.gnome.org/show_bug.cgi?id=792442

** Package changed: gnome-keyring (Ubuntu) => gnupg2 (Ubuntu)

** Changed in: gnupg2 (Ubuntu)
   Importance: Undecided => Low

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnupg2 in Ubuntu.
https://bugs.launchpad.net/bugs/1786607

Title:
  gnome-keyring caches PGP password eternally

Status in gnupg2 package in Ubuntu:
  New

Bug description:
  I've been using the program `Pass` to manage my passwords, which uses
  a PGP key that I created for this purpose. I began noticing that after
  my first use of the passphrase gnome-keyring would cache the
  passphrase and no longer request it. This is a security issue as
  anyone with access to my machine can gain access to all of my
  passwords.

  I assumed the settings could be tweaked, so I used `dconf-editor` to
  edit the `gpg-cache-method` file to use `timeout` instead of the
  default setting. I also changed the `gpg-cache-ttl` to 1 second from
  the default, which was 300 I believe. I then restarted the keyring
  with `$ gnome-keyring-daemon -r`.

  This successfully reset the keyring and I was prompted for my
  password. However, it only worked once. After entering the password,
  gnome-keyring cached my password and this survives logging out or
  restarting the computer.

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: gnome-keyring 3.28.0.2-1ubuntu1.18.04.1
  ProcVersionSignature: Ubuntu 4.15.0-30.32-generic 4.15.18
  Uname: Linux 4.15.0-30-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia
  ApportVersion: 2.20.9-0ubuntu7.2
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Sat Aug 11 07:38:49 2018
  InstallationDate: Installed on 2018-04-26 (106 days ago)
  InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180425.1)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: gnome-keyring
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnupg2/+bug/1786607/+subscriptions

More information about the foundations-bugs mailing list