[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] Duply and GPG passphrase in config file
|
From: |
Scott Hansen |
|
Subject: |
Re: [Duplicity-talk] Duply and GPG passphrase in config file |
|
Date: |
Fri, 22 Nov 2013 14:39:13 -0800 |
|
User-agent: |
Mutt/1.5.22 (2013-10-16) |
On Fri, Nov 22, 2013 at 08:54:18PM +0100, address@hidden wrote:
> On 22.11.2013 18:50, Scott Hansen wrote:
> >> On 22.11.2013 17:27, Rafael Beraldo wrote:
> >
> >> > How do you manage your passphrase? Do you create new keys just for the
> >> > backups, or do you just change the permissions of the conf file? Maybe
> >> > you
> >> > feel that encrypting the /home partition is enough? I'm interested to
> >> > see
> >> > how you deal with this.
> >> >
> >
> > I prefer using gpg-agent with a passphrase protected key. It does require
> > entering the passphrase for each key once after each boot, but
> > considering that reboots are rare it's not a big inconvenience. I guess
> > that probably wouldn't work for a larger number of servers but for just a
> > couple it's fine.
> >
>
> how do you deal with the timeout of gpg-agent? last i checked password
> weren't kept indefinitely in memory.
I just set in ~/.gnupg/gpg-agent.conf:
max-cache-ttl 60480000
default-cache-ttl 60480000
If my math is correct, that's around 700 days. I can't go _that_ long between
reboots!
Scott
pgpgQWmaytOa2.pgp
Description: PGP signature