
Re: Passphrase caching for GnuPG in Emacs?


From: Jens Lechtenboerger
Subject: Re: Passphrase caching for GnuPG in Emacs?
Date: Mon, 09 Nov 2015 14:55:40 +0100
User-agent: Gnus/5.130014 (Ma Gnus v0.14) Emacs/25.0.50 (gnu/linux)

On 2015-11-09, at 09:45, tomas@tuxteam.de wrote:

> On Sun, Nov 08, 2015 at 05:00:56PM +0100, Jens Lechtenboerger wrote:
>> Hi there,
>>
>> I plan to refactor the code used for GnuPG in the Message mode of
>> Emacs [...]
>
>> If I’m not mistaken (please let me know if I’m wrong), with GnuPG
>> 2.x (and gpgsm) passphrases cannot be cached within Emacs as
>> gpg-agent is started automatically and tries to invoke a pinentry
>> program.
>
> Just a question: how do you plan to handle this pinentry?

Actually, that’s not me, but GnuPG.  And I just realized that I’m
mistaken, pinentry in Emacs is possible but not recommended, see
below.

> The last time I gave gpg 2 a try, a crude GTK dialog appeared from
> nowhere (disrupting my command line workflow). I just ran away,
> screaming.
>
> It seems there's a command-line pinentry these days. From Emacs,
> my dream would be that it's Emacs which handles user interaction.

What you describe is the default for GUIs, I guess.

If I use the option
pinentry-program /usr/local/bin/pinentry-curses
in gpg-agent.conf and start Emacs within a terminal (option -nw),
then the passphrase needs to be entered within the terminal window,
whose contents get replaced by pinentry-curses while entering the
passphrase.  Would that be good enough for you?

Moreover, as mentioned above there is Emacs support in pinentry,
which can be enabled by configure options at compile time.

From the pinentry info pages:
   “Having Emacs get the passphrase is convenient, however, it is a
significant security risk.  Emacs keeps all key presses buffered.  (You
can see the recent key presses by typing 'C-h l' ('view-lossage') in
emacs.)  Further, Emacs is a huge program, which doesn't provide any
process isolation to speak of.  As such, having it handle the passphrase
adds a huge chunk of code to the user's trusted computing base.  Because
of this concern, Emacs doesn't enable this by default (the user has to
run '(pinentry-start)', e.g., from his or her '.emacs' file,
explicitly).”

Out of curiosity: Are you customizing any of the 8 variables related
to passphrase caching that I mentioned in my earlier message?

Best wishes
Jens
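The terminal-based setup described in this message (pinentry-curses configured in gpg-agent.conf, Emacs started with -nw), written out as an added shell example that is not part of the original post. It assumes GnuPG 2.x with gpgconf on the PATH and a pinentry-curses binary at the path you pass in; the GnuPG home directory is a parameter so the functions can be tried against a scratch directory first.

```shell
#!/bin/sh
# Added example, not from the mailing-list post: configure gpg-agent so
# that the passphrase prompt is drawn in the terminal by pinentry-curses.
# Assumptions: GnuPG 2.x; the pinentry binary path given as $2 exists.

# Write or replace the pinentry-program line in $1/gpg-agent.conf.
# $1 = GnuPG home directory (normally ~/.gnupg), $2 = pinentry binary.
set_pinentry_program() {
    gnupghome="$1"; program="$2"
    conf="$gnupghome/gpg-agent.conf"
    mkdir -p "$gnupghome" && chmod 700 "$gnupghome"
    touch "$conf"
    # Drop any existing pinentry-program line, then append the new one,
    # so the file never ends up with two competing settings.
    grep -v '^pinentry-program' "$conf" > "$conf.tmp" || true
    printf 'pinentry-program %s\n' "$program" >> "$conf.tmp"
    mv "$conf.tmp" "$conf"
    chmod 600 "$conf"
}

# Print the pinentry program currently configured in $1 (empty if none).
current_pinentry_program() {
    conf="$1/gpg-agent.conf"
    [ -f "$conf" ] || return 0
    sed -n 's/^pinentry-program[[:space:]]*//p' "$conf" | tail -n 1
}

# Ask a running gpg-agent to re-read gpg-agent.conf (needs gpgconf).
reload_agent() {
    command -v gpgconf >/dev/null 2>&1 && gpgconf --reload gpg-agent
}

# Real session (uncomment to use): pinentry-curses draws on the terminal
# named by GPG_TTY, so export it before starting Emacs in that terminal.
# set_pinentry_program "$HOME/.gnupg" /usr/local/bin/pinentry-curses
# reload_agent
# GPG_TTY=$(tty); export GPG_TTY
# emacs -nw
```

With this in place the passphrase is typed into the terminal rather than into Emacs, so it never passes through the Emacs key-press buffer that the pinentry documentation quoted above warns about.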


