Allowing paste into pinentry-gtk-2?
Anthony Papillion
papillion at gmail.com
Sat Apr 16 09:20:01 CEST 2011
I don't have an answer to your question, Todd, but I have to second
your frustration with not being able to paste to the pinentry. I've
never really seen a good justification as to why paste has been
disallowed either so I'd love to see it implemented.
Anthony
On 4/16/11, Todd A. Jacobs <codegnome.consulting+gnupg.org at gmail.com> wrote:
> Currently, it looks like pinentry-gtk-2 (I'm using 0.8.0) doesn't allow
> pasting from the clipboard. This is annoying, because a truly long,
> randomized password is not practical to type into a hidden dialog box. It
> really seems like pinentry forces one to use short, insecure passwords. One
> supposes there is a trade-off in security here, but I'm more concerned about
> brute-force attacks on the passphrase than I am about someone sniffing the
> clipboard--it seems that if they have access to my clipboard, they can
> probably log my keystrokes, anyway, right? So offline attacks against the
> key's passphrase seem more likely.
>
> So, I really have two questions. First, is it possible to force pinentry
> dialogs to allow pasting from the clipboard? Secondly, is it possible to
> force the CLI to use an alternate pinentry (say, pinentry-curses) or some
> other method to populate an existing gpg-agent with a cached passphrase?
>
--
Sent from my mobile device
Anthony Papillion
Lead Developer / Owner
Get real about your software/web development and IT Services
(918) 919-4624
Facebook: http://www.facebook.com/cajuntechie
My Blog: http://www.cajuntechie.com
More information about the Gnupg-users
mailing list