[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Passphrase caching for GnuPG in Emacs?
From: |
Kevin Brubeck Unhammer |
Subject: |
Re: Passphrase caching for GnuPG in Emacs? |
Date: |
Wed, 11 Nov 2015 09:15:09 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Jens Lechtenboerger <jens.lechtenboerger@fsfe.org> writes:
[...]
> If I use the option
> pinentry-program /usr/local/bin/pinentry-curses
> in gpg-agent.conf and start Emacs within a terminal (option -nw),
> then the passphrase needs to be entered within the terminal window,
> whose contents get replaced by pinentry-curses while entering the
> passphrase. Would that be good enough for you?
Because of the pinentry issues in gpg2, I have so far kept gpg1
installed as well, and used that instead of agent/pinentry-gtk iff I'm
in a text terminal. If I'm being graphical, I don't mind the gtk entry,
since it 1) works and 2) caches things, presumably securely.
(defadvice epg--start (around advice-epg-disable-agent activate)
"Don't allow epg--start to use gpg-agent in plain text
terminals."
(if (display-graphic-p)
ad-do-it
(let ((agent (getenv "GPG_AGENT_INFO")))
(setenv "GPG_AGENT_INFO" nil) ; give us a usable text password prompt
ad-do-it
(setenv "GPG_AGENT_INFO" agent))))
(defadvice epg-make-context (around advice-epg-gpg1 activate)
"Don't allow epg-make-context to use gpg2 in plain text
terminals."
(if (display-graphic-p)
ad-do-it
(let ((gpg epg-gpg-program))
(setq epg-gpg-program "/usr/bin/gpg1")
ad-do-it
(setq epg-gpg-program gpg))))
Can the pinentry-program setting be changed on-the-fly so I can say
"give me the gtk one" or "give me the curses one" depending on
(display-graphic-p) ?
Also, AFAIK, I don't use any of the mm-cache-variables.
--
Kevin Brubeck Unhammer
GPG: 0x766AC60C
signature.asc
Description: PGP signature