The loopback pinentry

Neal H. Walfield neal at
Wed Apr 20 21:32:40 CEST 2016

On Wed, 20 Apr 2016 16:26:18 +0200,
Werner Koch wrote:
> Since version 2.1 GnuPG has a loopback pinentry mode which does not use
> the pinentry but sends the request for a passphrase back to the calling
> application (gpg or gpgsm).  This feature was originally implemented for
> a very specific use case but it turns out that it is very useful for
> unattended use of GnuPG.
> To make use of this feature, gpg-agent requires the option
> --allow-loopback-pinentry.  The rationale for requiring an option is
> that only gpg-agent and pinentry shall be responsible for the passphrase
> to protect a key.  The loopback mode weakens this idea.  However, in the
> majority of use cases gpg-agent is anyway run on the same machine and
> with the same permissions as gpg.  Thus the need for an option to allow
> the use of the loopback pinentry mode is questionable.
> I propose to make --allow-loopback-pinentry the default and add an
> option --no-allow-loopback-pinentry, so that it is possible to disallow
> the use of the loopback pinentry.  This is a simple change but some
> advanced use cases of GnuPG would benefit from this (e.g. Mailpile).

Should allow-preset-passphrase also be the default?

:) Neal

More information about the Gnupg-devel mailing list