ToddAndMargo via users wrote:
> Hi All,
>
> I encrypted a file with
> gpg --symmetric foobar.txt
>
> It created foobar.txt.gpg file as expected
> and I DID NOT tell it to store the passphrase.
>
> $ cat foobar.txt.gpg
> clearly showed a binary file.
>
> When I ran
> $less foobar.txt.gpg
>
> it showed me the recovered file without encryption
> and DID NOT ask me for a passphrase.
>
> When I renamed the foobar.txt.gpg to foobar.txt
> and ran "less" on it, now I get a binary file.
> renaming it back to gpg and now it gets decrypted
> again.
>
> HOW DID LESS figure out my key and decrypt my file?
The LESSOPEN env variable points to the lesspipe.sh script,
which is able to do things like running gpg -d for files
matching .gpg files and sending the output to less. It does
the same for tar files, so that less some.tar produces a
list of the files in some.tar. And so on for many other
file types.
> Are there are gpg keys stored somewhere" How do
> I whack (erase) them?
The gpg-agent caches passphrases, I believe the default TTL
is 2 hours. You can force that cache to be cleared if
that's the cause. I think that's:
gpg-connect-agent reloadagent /bye
but I haven't looked at the docs lately to confirm that.
--
Todd
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
