How to do pinentry in same screen as gpg
Dan Mahoney, System Admin
danm at prime.gushi.org
Fri Jan 3 14:31:44 CET 2014
On Fri, 3 Jan 2014, Hauke Laging wrote:
> Am Fr 03.01.2014, 01:14:22 schrieb Dan Mahoney, System Admin:
>> It basically works perfectly with gpg1, where I can get an inline
>> prompt for a password, but gpg2 falls short where it tries to set up
>> some kind of a unix-socket connection to a pinentry dialog, and this
>> all falls apart within the simple exec() alpine is doing to launch
>> the filter. GPG hangs up and I wind up needing to kill the whole
> Do you start gpg-agent before gpg2? I would expect the behaviour to be
> the same like gpg if gpg-agent is not running.
No, the agent "is required", per the manpage. If GPG doesn't find an
agent, it starts one:
I just fired up a gpg --gen-key on my system where 2.x is installed.
danm 74860 0.0 0.1 13728 2120 ?? Ss 1:18PM 0:00.02 gpg-agent
danm 74853 0.0 0.1 17408 3136 3 I+ 1:18PM 0:00.02 gpg
danm 74861 0.0 0.0 9264 1972 ?? I 1:18PM 0:00.01 pinentry
It leaves this agent running after you exit GPG, which feels sloppy -- ssh
doesn't leave ssh-agent running after I connect, if I use it at all.
>> It might also be nice if I could basically start a pinentry program in
>> a dedicated window,
> You can write a wrapper around pinentry. This wrapper could start
> pinentry in a different console. See:
> I assume this is much more a screen problem. Some time ago I tried to
> create a pipeline between two processes running in different screen
> windows. I didn't manage to do that. But maybe there are tricks unknown
> to me. Maybe that can be done with redirecting stdin and stdout to a
> socket with socat or something like that.
I seem to recall that I was able to do it by messing heavily with
environment variables. As I want to get back into playing with
smartcards, the agent become more necessary. (Or keeping v1 and v2
installed in parallel, which seems nonoptimal).
Hauke, in your posts, you mention that the pinentry protocol isn't on the
GPG website. Could that please be fixed by the people who maintain the
project? I notice it also missing from
If I come up with a good method for doing so, I'll post a howto/blog here.
I do wonder how difficult it would be to write a pinentry-getline which
doesn't try to do any fancy display tricks -- I just want enough magic to
turn echoing off. (I think the ncurses are part of what mess alpine up).
I may try this as well.
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
More information about the Gnupg-users