[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Passphrase caching for GnuPG in Emacs?
From: |
tomas |
Subject: |
Re: Passphrase caching for GnuPG in Emacs? |
Date: |
Mon, 9 Nov 2015 14:50:22 +0100 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, Nov 09, 2015 at 02:55:40PM +0100, Jens Lechtenboerger wrote:
> On 2015-11-09, at 09:45, tomas@tuxteam.de wrote:
>
> > On Sun, Nov 08, 2015 at 05:00:56PM +0100, Jens Lechtenboerger wrote:
> >> Hi there,
> >>
> >> I plan to refactor the code used for GnuPG in the Message mode of
> >> Emacs [...]
> > The last time I gave gpg 2 a try, a crude GTK dialog appeared from
> > nowhere (disrupting my command line workflow). I just ran away,
> > screaming.
> >
> > It seems there's a command-line pinentry these days. From Emacs,
> > my dream would be that it's Emacs which handles user interaction.
>
> What you describe is the default for GUIs, I guess.
yes, I suppose.
> If I use the option
> pinentry-program /usr/local/bin/pinentry-curses
> in gpg-agent.conf and start Emacs within a terminal (option -nw),
> then the passphrase needs to be entered within the terminal window,
> whose contents get replaced by pinentry-curses while entering the
> passphrase. Would that be good enough for you?
That would force me to use Emacs -nw. Hmmm.
> Moreover, as mentioned above there is Emacs support in pinentry,
> which can be enabled by configure options at compile time.
Yep, that'll be it. I'm aware of the risks[1], I'll take them. Thanks
for pointing me to a solution.
> >From the pinentry info pages:
> “Having Emacs get the passphrase is convenient, however, it is a
> significant security risk [...]
> Out of curiosity: Are you customizing any of the 8 variables related
> to passphrase caching that I mentioned in my earlier message?
No. Your changes won't affect me. My question was on a tangent anyway,
but thanks for the clarifications.
[1] If someone takes over my Emacs I'm SOL anyway. All my data go down
in flames :-)
Regards
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlZApJ4ACgkQBcgs9XrR2kZ73gCfbwJpAAdMrzdRCartF9kL3FNK
ANoAmwVTM18AhtjlUWFWmTzSIpJIoibO
=NOky
-----END PGP SIGNATURE-----