[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] Duply and GPG passphrase in config file
|
From: |
edgar . soldin |
|
Subject: |
Re: [Duplicity-talk] Duply and GPG passphrase in config file |
|
Date: |
Sat, 23 Nov 2013 11:58:07 +0100 |
|
User-agent: |
Mozilla/5.0 (Windows NT 5.1; rv:24.0) Gecko/20100101 Thunderbird/24.1.1 |
On 22.11.2013 23:39, Scott Hansen wrote:
> On Fri, Nov 22, 2013 at 08:54:18PM +0100, address@hidden wrote:
>> On 22.11.2013 18:50, Scott Hansen wrote:
>>>> On 22.11.2013 17:27, Rafael Beraldo wrote:
>>>
>>>>> How do you manage your passphrase? Do you create new keys just for the
>>>>> backups, or do you just change the permissions of the conf file? Maybe you
>>>>> feel that encrypting the /home partition is enough? I'm interested to see
>>>>> how you deal with this.
>>>>>
>>>
>>> I prefer using gpg-agent with a passphrase protected key. It does require
>>> entering the passphrase for each key once after each boot, but
>>> considering that reboots are rare it's not a big inconvenience. I guess
>>> that probably wouldn't work for a larger number of servers but for just a
>>> couple it's fine.
>>>
>>
>> how do you deal with the timeout of gpg-agent? last i checked password
>> weren't kept indefinitely in memory.
>
> I just set in ~/.gnupg/gpg-agent.conf:
> max-cache-ttl 60480000
> default-cache-ttl 60480000
>
> If my math is correct, that's around 700 days. I can't go _that_ long between
> reboots!
>
hmm.. probably stumbled over the need to define both, as one limits the other,
at that time i tried it.. good to know it works flawless for you.
thx ..ede/duply.net