Avoid pinentry-gtk-2 when using console!

Werner Koch wk at gnupg.org
Wed Jun 3 08:02:57 CEST 2009


On Tue,  2 Jun 2009 22:43, rogerx at sdf.lonestar.org said:

> Again, still sounds like a hack as (I could have done this here).  It's

Or write your own pinentry; it is a separate package for a reason.

> Think it's paranoia unless one is on a public network or is being
> aggressively sought after all the time.  If this is an issue, it sounds

Depends on how you work; I have heard that some users have Javascript
and popup windows enabled in their browser and also read mail with a GUI
tool.  Malicious webpages could easily take advantage of that and pop up
a Pinentry-like window.

> (or .gnupg/option statement or environmental variable) which seeks to
> make gpg/pinentry usage stricter.

Right; that is why a standard solution would not work.

> (Granted, I find X useful and still strongly prefer the console.
> Just don't try forcing the X windows down my throat like Windows

No need to.  There is the curses pinentry and the gpg-agent options 

     --keep-tty
     --keep-display
         Ignore requests to change the current tty or X window system's
         DISPLAY variable respectively.  This is useful to lock the
         pinentry to pop up at the tty or display you started the agent.

Originally added to support running gpg-agent in screen(1).  Still you
will have the annoyance/security_feature to switch to the other tty.


Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.
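
An added example, not part of the original mail and not GnuPG project code: a small shell check that reports whether a gpg-agent.conf selects a console pinentry and sets the keep-tty and keep-display options quoted above. The function name audit_agent_conf, the sample files and the pinentry paths are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: check a gpg-agent.conf for the console settings from the mail.
# In the conf file, options are written as long option names without "--".

# Print one finding per line; print nothing when the file pins a console pinentry.
audit_agent_conf() {
    conf=$1
    # Comment lines start with '#', so matching the first field exactly skips them.
    # If the option is repeated, this check looks at the last line (assumption).
    pin=$(awk '$1 == "pinentry-program" { p = $2 } END { print p }' "$conf")
    case "$pin" in
        "")             echo "pinentry-program unset: system default pinentry is used" ;;
        *curses*|*tty*) ;;  # console pinentry, nothing to report
        *)              echo "pinentry-program is $pin, not a console pinentry" ;;
    esac
    for opt in keep-tty keep-display; do
        if ! awk -v o="$opt" '$1 == o { f = 1 } END { exit !f }' "$conf"; then
            echo "$opt unset: requests to change tty/DISPLAY are honoured"
        fi
    done
}

# Constructed sample files (paths are illustrative).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

cat > "$tmp/gui.conf" <<'EOF'
# constructed: GUI pinentry, agent follows tty/DISPLAY changes
pinentry-program /usr/bin/pinentry-gtk-2
#keep-tty
EOF

cat > "$tmp/console.conf" <<'EOF'
# constructed: curses pinentry locked to the agent's starting tty/display
pinentry-program /usr/bin/pinentry-curses
keep-tty
keep-display
EOF

for f in "$tmp/gui.conf" "$tmp/console.conf"; do
    echo "== $f"
    audit_agent_conf "$f"
done
```

Point the function at ~/.gnupg/gpg-agent.conf to check a real configuration; the agent has to be restarted or reloaded before a changed file takes effect.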