Quote from: SelfSovereignty on December 18, 2012, 06:51 pmQuote from: Nightcrawler on December 18, 2012, 09:13 amQuote from: SelfSovereignty on December 16, 2012, 06:18 pmQuote from: Boyd Crowder on December 16, 2012, 09:41 amQuote from: SelfSovereignty on December 16, 2012, 01:53 am... wait. What did you use to gen this? It's... weird. I mean I think it's fine, but... it's quirky?I have not attempted to remove the comment line, would not know how to. I used gpgtools for mac, with a little help from Guru who will be missed. One problem I have is that since generating the key I have not once been asked for a password, even after rebooting. I told guru about it and he said his gf's mac was the same but didn't know why, I would prefer if it did ask for my password. Thanks for the info guys.That would mean that there is no passphrase, my friend. You can do that with gpg in Linux, too, but I think it warns you about it.This means that anyone who gets your private key can impersonate you with ease.Edit: to be clear, this means that they can decrypt any messages that were sent to you without any passwords ever being involved. That private key is the *only* thing needed to do everything that you do.Incorrect. By default, GPGTools appears to store the users' passphrase in the Apple Keychain. As such, the user is not prompted for the passphrase, and messages are automatically decrypted. I don't think this is a particularly good idea. However, there is a fairly simple fix for this, as follows: 1) click on the little black apple in the toolbar at the top of your screen; the black apple is the leftmost item. 2) When the menu opens up, click on System Preferences3) When the System Preferences pane opens up, click on GPGPreferences4) When GPGPreferences opens up, you will be on the Configure tab. Under that you will see a check-box labelled "Use Keychain to store passphases by default" -- put a check in that box. There will be a little box where you will see the number 600 -- this represents the number of seconds that the passphrase is cached (or stored) for. If you replace the number 600 with the number 0, the passphrase will be stored in the Keychain for zero seconds (essentially not at all), and the user will be prompted for the passphrase each and every time they go to decrypt a message. NCHrm; I just assumed that if that's what was going on, it would at least time out in 5-10 minutes... obviously I was mistaken. Thanks for the correction, Nightcrawler.It should have timed out in 10 minutes, but did not, for whatever reason, thus the need for the fix. NC