Help with version gpg-agent on Mac-Tiger
steve at srevilak.net
Fri Mar 21 01:41:12 CET 2008
-----BEGIN PGP SIGNED MESSAGE-----
> From: Robert D.
> is there anyone using Mac OSX 10.4.11 and successfully using gpg-agent with
> any 2.x version of gpg?
Yes, I've been using gpg 2.0.8 on OSX 10.4.11 for about two months. I
built it via the macports "gpg2" package. I use gpg2/gpg-agent in
conjunction with Alpine (a curses-based MUA).
As a user, one of the first differences you'll see between gpg and
gpg2 is they way you're prompted for passphrases. gpg 1.4.8 reads
passphrases directly from the terminal, but gpg2 hands the passphrase
reading off to a separate program called "pinentry".
As I understand things, gpg2 uses GPG_AGENT_INFO to figure out how to
talk to gpg-agent, and gpg-agent uses the GPG_TTY environment variable
to tell pinentry which tty to grab when prompting for a passphrase.
(I suppose gpg2 passes the value of GPG_TTY to the agent?)
If anyone can give a more accurate outline of gpg2 -> agent ->
pinentry communications, please chime in.
The macports gpg2 package only includes pinentry-ncurses. For me, I'd
assume that means the passphrase prompt _has_ to come from a terminal.
Since I use a curses-based MUA, that's fine. But I don't know how
well it would work for a Carbon app like Thunderbird.
Did your gpg2 build install any other pinentry programs? You can try
running them directly, to see what kind of prompt shows up. Here's a
description of pinentry's protocol
Another question - are you starting thunderbird in a way that provides
access to the GPG_TTY and GPG_AGENT_INFO environment variables? If
these environment variables are set in your shell and you start
Thunderbird via "open /Applications/Thunderbird.app", then Thunderbird
should see them. (~/.MacOSX/environment.plist doesn't seem like a
good option for this). gpg-agent's man page gives a pretty good
recipie for setting the environment variables.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.8 (Darwin)
-----END PGP SIGNATURE-----
More information about the Gnupg-users