Add option for forgetting pin after command #84
Comments
|
I am not convinced such an option is necessary. As you said there is an easy way to achieve what you want. You can create an alias or a function or do whatever, but I don't like the idea of an option for this purpose very much. The only thing I could live with is having a way to disable caching of PINs altogether, through whatever means work best (perhaps compile time feature; I haven't thought about possibilities here). Would that work for you @bircoph ? |
|
Yes. Disabling pin cache completely will work for me. Though I prefer this feature to be configurable run-time. Let's consider nitrocli within Linux distro: some users may want to have it disabled and some may want to have the cache enabled. It's not a problem for Gentoo, but binary distributions will want to have universal binary available. |
|
I think the best solution would be to allow the user to set the cache TTL (or -1 to disable caching). Unfortunately, only gpg-agent’s PRESET_PASSPHRASE command has an option for the TTL (we use GET_PASSPHRASE). So as far as I see, there is no way to disable caching (other than not using gpg-agent at all or changing gpg-agent’s global configuration). |
|
I agree that run time configurability would be nice. Even more so if having a compile time feature does not reduce the number of dependencies (I don't think that would be possible here).
Hm, I thought we already support circumventing the cache? nitrocli/nitrocli/src/pinentry.rs Line 235 in eabca4c |
|
I merged the change. |
Hi!
It would be nice to have an option to forget pin for commands requiring pin/password entrace. Of course I can call
nitrocli pin clearafter each such command, but it would be easier to do with an option.Maybe it would be a good idea to have a config file support as well where users can specify their preferences including this option.
The text was updated successfully, but these errors were encountered: