On 26/07/14 12:41, Heinz Diehl wrote: > Only you can answer this question, because the answer depends entirely on > your thread model.
I completely agree. > Are there others which have physical access to your machine? If an attacker has physical access, you've lost; game over. > Is there swapspac which the passphrase could be dumped into? I highly suspect gpg-agent marks memory pages with key material as non-swappable. By the way, I think passphrase caching in gpg-agent is a rather common deployment. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
