Add option for forgetting pin after command about nitrocli HOT 6 CLOSED

I am not convinced such an option is necessary. As you said there is an easy way to achieve what you want. You can create an alias or a function or do whatever, but I don't like the idea of an option for this purpose very much.

The only thing I could live with is having a way to disable caching of PINs altogether, through whatever means work best (perhaps compile time feature; I haven't thought about possibilities here). Would that work for you @bircoph ?

from nitrocli.

Yes. Disabling pin cache completely will work for me.

Though I prefer this feature to be configurable run-time. Let's consider nitrocli within Linux distro: some users may want to have it disabled and some may want to have the cache enabled. It's not a problem for Gentoo, but binary distributions will want to have universal binary available.

from nitrocli.

I think the best solution would be to allow the user to set the cache TTL (or -1 to disable caching). Unfortunately, only gpg-agent’s PRESET_PASSPHRASE command has an option for the TTL (we use GET_PASSPHRASE). So as far as I see, there is no way to disable caching (other than not using gpg-agent at all or changing gpg-agent’s global configuration).

from nitrocli.

I agree that run time configurability would be nice. Even more so if having a compile time feature does not reduce the number of dependencies (I don't think that would be possible here).

So as far as I see, there is no way to disable caching (other than not using gpg-agent at all or changing gpg-agent’s global configuration).

Hm, I thought we already support circumventing the cache?

from nitrocli.

I believe the existing infrastructure provides what we need. I've created #86 that should do what you are asking for. I am honoring a new environment variable, NITROCLI_NO_CACHE to disable the caching at run time.

@bircoph mind giving it a try?

from nitrocli.

I merged the change.

from nitrocli.