Using pinentry-curses interactively in Linux boot process fails (SOLVED)

Malte Gell malte.gell at gmx.de
Fri Jul 23 21:03:53 CEST 2010


tux.tsndcb at free.fr wrote

> > Yes and the boot partition is not encrypted, only /home But I solved it.
> > It was an init script issue. On openSUSE there is an init script
> > "earlyxdm" and it has overridden so to say the pinentry-ncurses program.
> > I have now edited earlyxdm and have added my own script to
> > Requried-Start, thus earlyxdm now waits until pinentry-curses does its
> > job. It works now. Pretty cool, I can now unlock my LUKS volume with the
> > openPGP card, that's nerd ;-)
> 
> Hello Mate,
 
> I use Debian and not OpenSuse, but I'm interristing by your script.
> Could you give it ?

Yes, of course. I have attached it, I named it open-luks-key. The only 
interesting stuff is the start and stop section. I have directly put the name 
of my luks partition there. It is a dumb script, does not detect anything 
automatically, but it works if the card reader is running fine. I even have 
not removed  the FOO template stuff from it :-) Ugly, but works.
The "Required-Start:" section needs to contain the PCSC daemon, that needs to 
run, so gpg-agent can call the pinentry program.

Regards
Malte
-------------- next part --------------
A non-text attachment was scrubbed...
Name: open-luks-key
Type: application/x-shellscript
Size: 10954 bytes
Desc: not available
URL: </pipermail/attachments/20100723/5cfcb245/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20100723/5cfcb245/attachment-0001.pgp>


More information about the Gnupg-users mailing list