Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Key Management #142

Open
acovrig opened this issue Mar 31, 2021 · 1 comment
Open

Key Management #142

acovrig opened this issue Mar 31, 2021 · 1 comment

Comments

@acovrig
Copy link

acovrig commented Mar 31, 2021

How do I remove a key from the keychain (or purge the keychain)? My current flow is:

User enters password in rails UI, the sidekiq worker does something like GPGME::Key.import(File.open("#{user_id}.ppk")).
I am able to decrypt data, however, when the worker is done, I can decrypt data with any password as that key is in memory. I need to remove that key from the keychain the valid password for that key is required to decrypt data again.
@goldstar611
Copy link

It sounds like the gpg agent might have cached the password. Check out https://unix.stackexchange.com/questions/395875/gpg-does-not-ask-for-password particularly setting up ~/.gnupg/gpg-agent.conf for the sidekiq user (if different that www-data) and pkill gpg-agent to ensure the settings are reloaded. I think setting the cache-ttl settings should help you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@acovrig @goldstar611