Hi there Developer, I just have a question, would take 3 min.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Nov 30 23:39:36 CET 2017


Hi Steinar--

On Thu 2017-11-30 15:01:01 +0100, Steinar Kvarre wrote:
> I have tried gnupg, and wonder is there somehow possible to hack the
> password with the gnupg with X also comes up with password in X
> windows. (I use xfce4) so I wondered if between there from gnupg app to
> X win ask for password, is there a connection, I'm just wondering for
> safety,

I don't know specifically what your question is, but I think you're
asking about the communications channel when GnuPG prompts for a
password.

On modern GnuPG systems, the communications channel is:

 * gpg needs access to secret key material.

 * it asks gpg-agent for the use of a secret key (possibly launching
   gpg-agent if it's not already launched).

 * gpg-agent checks to see whether it has unlocked access to that secret
   key.  If it does, it can grant access directly.

 * If it does not, it launches some version of pinentry to get a
   passphrase from the user.  Different versions of pinentry have
   different ways of communicating with the user.

GnuPG itself should never see the password, unless it is invoked with
special commands that route the password handling back to
it. (e.g. --pinentry-mode=loopback).

Can you explain more about what you mean by "hack the password"?

    --dkg
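
The passphrase path described in the message above can be checked from a GnuPG home directory's configuration files. This is an added example, not part of the original message or of GnuPG itself: the function names and the sample directories are hypothetical, and it assumes the standard option names `pinentry-mode` (gpg.conf), `pinentry-program` and `no-allow-loopback-pinentry` (gpg-agent.conf). It reads configuration only, so a `--pinentry-mode=loopback` given on a command line is not visible to it.

```shell
#!/bin/sh
# Added example: report how a GnuPG home directory routes passphrase entry.
# It only reads gpg.conf and gpg-agent.conf; it never runs gpg or gpg-agent.

# Print the last active value of option $2 in config file $1 ("set" if the
# option takes no argument). Config files name options without leading "--".
conf_value() {
    [ -f "$1" ] || return 0
    awk -v opt="$2" '
        /^[ \t]*#/ { next }                       # skip comment lines
        $1 == opt  { $1 = ""; sub(/^[ \t]+/, ""); val = $0; seen = 1 }
        END        { if (seen) print (val == "" ? "set" : val) }' "$1"
}

# Summarise the passphrase path for GnuPG home $1.
# Returns 1 when gpg.conf asks for loopback and the agent does not refuse it.
audit_pinentry_path() {
    mode=$(conf_value "$1/gpg.conf" pinentry-mode)
    deny=$(conf_value "$1/gpg-agent.conf" no-allow-loopback-pinentry)
    prog=$(conf_value "$1/gpg-agent.conf" pinentry-program)

    echo "pinentry-program: ${prog:-agent default}"
    echo "gpg pinentry-mode: ${mode:-default}"
    if [ -n "$deny" ]; then
        echo "agent loopback: refused"
        return 0
    fi
    echo "agent loopback: not refused in gpg-agent.conf"
    [ "$mode" != loopback ]
}

# Constructed sample homes (not from the original message).
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/loop" "$d/strict"
    printf '%s\n' '# constructed' 'pinentry-mode loopback' > "$d/loop/gpg.conf"
    printf '%s\n' 'pinentry-program /usr/bin/pinentry-gtk-2' \
        'no-allow-loopback-pinentry' > "$d/strict/gpg-agent.conf"
    for h in loop strict; do
        echo "== $h"; audit_pinentry_path "$d/$h" || echo "   -> review"
    done
    rm -rf "$d"
}
demo
```

Pointing it at a real home (for example `audit_pinentry_path "$HOME/.gnupg"`) shows whether passphrase entry stays with gpg-agent and pinentry or can be routed back to gpg.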


More information about the Gcrypt-devel mailing list