On 3/19/21 11:53 AM, Todd Zullinger wrote:
ToddAndMargo via users wrote:
Hi All,
I encrypted a file with
gpg --symmetric foobar.txt
It created foobar.txt.gpg file as expected
and I DID NOT tell it to store the passphrase.
$ cat foobar.txt.gpg
clearly showed a binary file.
When I ran
$less foobar.txt.gpg
it showed me the recovered file without encryption
and DID NOT ask me for a passphrase.
When I renamed the foobar.txt.gpg to foobar.txt
and ran "less" on it, now I get a binary file.
renaming it back to gpg and now it gets decrypted
again.
HOW DID LESS figure out my key and decrypt my file?
The LESSOPEN env variable points to the lesspipe.sh script,
which is able to do things like running gpg -d for files
matching .gpg files and sending the output to less. It does
the same for tar files, so that less some.tar produces a
list of the files in some.tar. And so on for many other
file types.
Are there are gpg keys stored somewhere" How do
I whack (erase) them?
The gpg-agent caches passphrases, I believe the default TTL
is 2 hours. You can force that cache to be cleared if
that's the cause. I think that's:
gpg-connect-agent reloadagent /bye
but I haven't looked at the docs lately to confirm that.
That explains it. Thank you!
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
