Not a direct answer to your question, but, when I was using Ubuntu I had a script that I was using to make about 300 packages, I only had to type in my key once or twice. I have been trying to work out how to do it on Debian but so far have come up short. Chris On Sun, 2010-09-19 at 01:58 -0400, Martin Owens wrote: > Hey all, > > Building debs for ppa uses gpg and signs each source package build in > two different places requiring the unlocking of the gpg key twice. > > I've been running a script which builds 4 packages for 3 ubuntu releases > which comes to typing in my gpg passphraise 24 times in succession (more > if I get it wrong). > > Should I be concerned that possible snoopers have 24 opportunities to > watch my passphraise in physical space? And if typing in the passphraise > a lots of times isn't important, why have a passphraise at all? > > Isn't this sort of problem what timed keyrings are for? > > Thoughts? > > Martin, > >
Attachment:
signature.asc
Description: This is a digitally signed message part