The loopback pinentry
Neal H. Walfield
neal at walfield.org
Wed Apr 20 21:32:40 CEST 2016
On Wed, 20 Apr 2016 16:26:18 +0200,
Werner Koch wrote:
> Since version 2.1 GnuPG has a loopback pinentry mode which does not use
> the pinentry but sends the request for a passphrase back to the calling
> application (gpg or gpgsm). This feature was originally implemented for
> a very specific use case but it turns out that it is very useful for
> unattended use of GnuPG.
> To make use of this feature, gpg-agent requires the option
> --allow-loopback-pinentry. The rationale for requiring an option is
> that only gpg-agent and pinentry shall be responsible for the passphrase
> to protect a key. The loopback mode weakens this idea. However, in the
> majority of use cases gpg-agent is anyway run on the same machine and
> with the same permissions as gpg. Thus the need for an option to allow
> the use of the loopback pinentry mode is questionable.
> I propose to make --allow-loopback-pinentry the default and add an
> option --no-allow-loopback-pinentry, so that it is possible to disallow
> the use of the loopback pinentry. This is a simple change but some
> advanced use cases of GnuPG would benefit from this (e.g. Mailpile).
Should allow-preset-passphrase also be the default?
More information about the Gnupg-devel