Clear GPG Cache/Password after Encryption in Linux Terminal

I am very annoyed with the GPG encryption process in the Linux terminal. I encrypt files with GPG from the terminal with the following command:

gpg --output file_out --symmetric --cipher-algo AES256 file_in

This command has been recommended here since GPG is a reliable encryption package.

The problem is that after I enter the password and encrypt the file, the password doesn't get deleted. So anyone who has access to the PC can decrypt this file, and it gets deleted only after I restart the computer.

So if I enter the decryption command right after: gpg --output file_in --decrypt file_out

It will give this message:

gpg: AES256 encrypted data
gpg: encrypted with 1 passphrase

And it will decrypt this automatically. So the password is stored somewhere and it doesn't get deleted until I restart the computer.

Is there any way to clear/wipe the password right after the encryption is finished?

Gabrielf1 asked Aug 03 '17 08:08


2 Answers

Simply reloading gpg-agent (instead of killing it) clears its passphrase cache. There are different methods to reload gpg-agent:

  • echo RELOADAGENT | gpg-connect-agent
  • gpgconf --reload gpg-agent
  • pkill -SIGHUP gpg-agent
gentooboontoo answered Oct 18 '22 11:10
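
A wrapper built on the reload method from the answer above, as an added example that is not part of the original answer: it runs the question's encryption command in a subshell and reloads gpg-agent on every exit path, including a failed or interrupted gpg run. The function name encrypt_and_forget and the exit codes 64 and 66 are assumptions of this example.

```sh
#!/bin/sh
# Added example, not from the original answer. encrypt_and_forget is a
# hypothetical helper; exit codes 64 and 66 are this example's own choice.
#
# Usage: encrypt_and_forget FILE_IN FILE_OUT

encrypt_and_forget() (
    # The ( ) body runs in a subshell, so the traps below stay local to this call.
    if [ "$#" -ne 2 ]; then
        echo "usage: encrypt_and_forget FILE_IN FILE_OUT" >&2
        exit 64
    fi
    in=$1
    out=$2
    if [ ! -r "$in" ]; then
        echo "encrypt_and_forget: cannot read $in" >&2
        exit 66
    fi

    # From here on, every way out of the subshell reloads gpg-agent, which
    # clears its whole passphrase cache (not only this file's passphrase).
    trap 'gpgconf --reload gpg-agent' EXIT
    # Turn an interrupt into a normal exit so the EXIT trap still runs.
    trap 'exit 130' INT TERM HUP

    # The encryption command from the question.
    status=0
    gpg --output "$out" --symmetric --cipher-algo AES256 "$in" || status=$?

    # Hand gpg's own exit status back to the caller; the EXIT trap fires next.
    exit "$status"
)
```

Because the reload runs from an EXIT trap, the caller still sees gpg's own exit status and can tell a failed encryption from a successful one.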


The passphrase is saved by gpg-agent. GPG tools like gpg start it automatically.

Use gpgconf --kill gpg-agent to stop the agent.

paka answered Oct 18 '22 10:10