[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: bad epg.el+GPG2 behavior: unavoidable passphrase pinentry prompt
From: |
Ted Zlatanov |
Subject: |
Re: bad epg.el+GPG2 behavior: unavoidable passphrase pinentry prompt |
Date: |
Sun, 29 Sep 2013 13:57:31 -0400 |
User-agent: |
Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) |
On Sun, 29 Sep 2013 11:24:56 -0400 Daiki Ueno <address@hidden> wrote:
DU> Ted Zlatanov <address@hidden> writes:
>> It used to be possible to do
>>
>> GPG_AGENT_INFO=none gpg --decrypt foo.gpg
>> GPG_AGENT_INFO=none gpg --batch --decrypt foo.gpg
>> etc.
>>
>> but with GPG 2.x that seems to be disabled and the pinentry prompt pops
>> up no matter what. Without waiting for changes on the GPG side, the
>> only option seems to be to downgrade to GPG 1.x, which is not a great
>> solution. I haven't found a configuration option to disable the popup,
>> and even removing /usr/bin/pinentry and disabling the gpg-agent doesn't
>> work:
DU> Nowadays, GnuPG 2.1 or later has --pinentry-mode option, which provides
DU> a way to bypass the graphical pinentry prompt, like:
DU> $ gpg --batch --decrypt --pinetry-mode=loopback authinfo.gpg
DU> which just behaves like gpg1. I added the support to epg.el (see
DU> epg-pinentry-mode) some time ago, but not yet added any user option in
DU> epa.el.
DU> Patches (and testing) are welcome.
I'd love to test and patch, but the latest GnuPG release is 2.0.21 and I
can't find mentions of 2.1 on their website. 2.0.20 doesn't have the
--pinentry-mode option by default (tested in Gentoo). I assume this is
the relevant commit that introduces it:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=21feecd48f990b2569cb4b385dea3e57b9501525
It seems that GnuPG has to be explicitly compiled with
--allow-loopback-pinentry which IMO is a really painful requirement to
pass onto Emacs users. I am surprised by this, but perhaps I've
misunderstood something?
Ted