Avoid pinentry-gtk-2 when using console!

Roger rogerx at sdf.lonestar.org
Wed Jun 3 08:24:17 CEST 2009

On Wed, 2009-06-03 at 08:02 +0200, Werner Koch wrote:
> On Tue,  2 Jun 2009 22:43, rogerx at sdf.lonestar.org said:
> > (or .gnupg/option statement or environmental variable) which seeks to
> > make gpg/pinentry usage stricter.
> Right; that is why a standard solution would not work.
> > (Granted, I find X useful and prefer still strongly prefer the console.
> > Just don't try forcing the X windows down my throat like Windows
> No need to.  There is the curses pinentry and the gpg-agent options 
>      --keep-tty
>      --keep-display
>          Ignore requests to change the current tty or X window system's
>          DISPLAY variable respectively.  This is useful to lock the
>          pinentry to pop up at the tty or display you started the agent.
> Originally added to support running gpg-agent in screen(1).  Still you
> will have the annoyance/security_feature to switch to the other tty.
> Salam-Shalom,
>    Werner

Ah. Bingo. So really I should go file a (nagging) bug for Evolution PIM
client (nagging) me to enter a passphrase each time I start the
Evolution application.

Ten to one, it's using a gpg keyring for encrypting the email account
passwords. (ie. standard POP & IMAP which are sent unecrypted anyways!)

Looks like I need to go back, re-enable the gpg-agent compile time
option, ensure it's configured to my liking per your above notes
concerning "keep-*" options.  Gather accurate data & go bug them! ;-)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: </pipermail/attachments/20090602/f0296cf0/attachment.pgp>

More information about the Gnupg-users mailing list