On Sat, Jul 26, 2014 at 12:58 PM, Mathias Bauer <mba...@mailbox.org> wrote: > * Sudhir Khanger wrote on Sat, 26 Jul 2014, at 12:29 (+0530): > >> On Sat, Jul 26, 2014 at 3:06 AM, Mathias Bauer <mba...@mailbox.org> wrote: > >> > Usually it's *one* passphrase for the whole GnuPG key >> > material. >> >> Do you not need to set different passphrase for each subkey? > > No, usually not. If you generate a key using some GUI or if you > are working on some terminal and use the command > > $ gpg --gen-key > > you will be asked for one passphrase only. Although this will > create a main key and a subkey. > > There are more sophisticated scenarios which may use multiple > passphrases. For example, if you want to use a so called > "offline key", you will have at least two passphrases: one for > your offline key and one for your "daily working key". > > Regards, > Mathias
Is using some single-sign-on method, like keychain or pam, to keep gpg passphrase cached in gpg-agent for the length of user session, so that one doesn't have to enter gpg key passphrase every time one is sending an email, considered a common practice? Or does that again fall in risky behavior category? -- Regards, Sudhir Khanger. sudhirkhanger.com https://github.com/donniezazen _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
