NetBSD-Bugs archive


Re: lib/44075: libnetpgp: limit the number of passphrase prompts

On Tue, Nov 09, 2010 at 07:10:01PM +0000, wrote:
> >Description:
> There ought to be a cap on the number of times the user may enter
> an invalid passphrase :)  Add to this the fact that netpgp cannot
> be aborted with ^C or ^Z...

Well, that's dependent on the platform - e.g.:

% netpgp -d c.gpg
netpgp: default key set to "C0596823"
signature  2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
uid              Alistair Crooks <>
uid              Alistair Crooks <>
uid              Alistair Crooks <>
uid              Alistair Crooks <>
uid              Alistair Crooks (Yahoo!) <>
encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12
netpgp passphrase:

% uname -a
NetBSD 5.99.26 NetBSD 5.99.26 (GENERIC) 
#0: Mon Apr  5 15:32:36 PDT 2010

I hit ^C at the passphrase prompt above.  This does not happen on
Linux (I tried RHEL, but sounds like other variants behave the same

> >How-To-Repeat:
> Try to decrypt something, decide you don't want to do this just now,
> feel the need to switch to another terminal to 'killall netpgp' :)

I can understand this, but I don't like limiting it.

> >Fix:
> Apply the patch at:
> (and yes, I'm aware that with this patch, netpgp --decrypt
> foo.txt.gpg with three wrong passphrase tries will generate an empty
> foo.txt; still trying to track this down)

Yeah, and to add to that I'm aware that gnupg limits the number of
attempts to enter the passphrase, as does ssh, and I really don't like

