[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bad epg.el+GPG2 behavior: unavoidable passphrase pinentry prompt

From: Ted Zlatanov
Subject: Re: bad epg.el+GPG2 behavior: unavoidable passphrase pinentry prompt
Date: Sun, 29 Sep 2013 13:57:31 -0400
User-agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux)

On Sun, 29 Sep 2013 11:24:56 -0400 Daiki Ueno <address@hidden> wrote: 

DU> Ted Zlatanov <address@hidden> writes:
>> It used to be possible to do
>> GPG_AGENT_INFO=none gpg --decrypt foo.gpg
>> GPG_AGENT_INFO=none gpg --batch --decrypt foo.gpg
>> etc.
>> but with GPG 2.x that seems to be disabled and the pinentry prompt pops
>> up no matter what.  Without waiting for changes on the GPG side, the
>> only option seems to be to downgrade to GPG 1.x, which is not a great
>> solution.  I haven't found a configuration option to disable the popup,
>> and even removing /usr/bin/pinentry and disabling the gpg-agent doesn't
>> work:

DU> Nowadays, GnuPG 2.1 or later has --pinentry-mode option, which provides
DU> a way to bypass the graphical pinentry prompt, like:

DU> $ gpg --batch --decrypt --pinetry-mode=loopback authinfo.gpg

DU> which just behaves like gpg1.  I added the support to epg.el (see
DU> epg-pinentry-mode) some time ago, but not yet added any user option in
DU> epa.el.

DU> Patches (and testing) are welcome.

I'd love to test and patch, but the latest GnuPG release is 2.0.21 and I
can't find mentions of 2.1 on their website.  2.0.20 doesn't have the
--pinentry-mode option by default (tested in Gentoo).  I assume this is
the relevant commit that introduces it:


It seems that GnuPG has to be explicitly compiled with
--allow-loopback-pinentry which IMO is a really painful requirement to
pass onto Emacs users.  I am surprised by this, but perhaps I've
misunderstood something?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]