Avoid pinentry-gtk-2 when using console!
Roger
rogerx at sdf.lonestar.org
Wed Jun 3 08:24:17 CEST 2009
On Wed, 2009-06-03 at 08:02 +0200, Werner Koch wrote:
> On Tue, 2 Jun 2009 22:43, rogerx at sdf.lonestar.org said:
> > (or .gnupg/option statement or environmental variable) which seeks to
> > make gpg/pinentry usage stricter.
>
> Right; that is why a standard solution would not work.
>
> > (Granted, I find X useful and prefer still strongly prefer the console.
> > Just don't try forcing the X windows down my throat like Windows
>
> No need to. There is the curses pinentry and the gpg-agent options
>
> --keep-tty
> --keep-display
> Ignore requests to change the current tty or X window system's
> DISPLAY variable respectively. This is useful to lock the
> pinentry to pop up at the tty or display you started the agent.
>
> Originally added to support running gpg-agent in screen(1). Still you
> will have the annoyance/security_feature to switch to the other tty.
>
>
> Salam-Shalom,
>
> Werner
Ah. Bingo. So really I should go file a (nagging) bug for Evolution PIM
client (nagging) me to enter a passphrase each time I start the
Evolution application.
Ten to one, it's using a gpg keyring for encrypting the email account
passwords. (ie. standard POP & IMAP which are sent unecrypted anyways!)
Looks like I need to go back, re-enable the gpg-agent compile time
option, ensure it's configured to my liking per your above notes
concerning "keep-*" options. Gather accurate data & go bug them! ;-)
--
Roger
http://rogerx.freeshell.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: </pipermail/attachments/20090602/f0296cf0/attachment.pgp>
More information about the Gnupg-users
mailing list