changing the user PIN for a smartcard in a script

Bernhard Reiter bernhard at
Fri Oct 31 15:23:17 CET 2014

On Wednesday 29 October 2014 at 22:29:07, Florin Andrei wrote:
> Ideally, I would run a script, have the user type in the new PIN, and
> the script would run "gpg --change-pin", do another thing with the PIN
> string after that, then discard it.
> The problem, of course, is that pinentry is launched. Now the user has
> to type the PIN several times. It's cumbersome and error-prone.

The idea of pinentry is that there is a most direct connection between
the user and the gpg-agent, holding the secret key. It does not want to let 
other software do "another thing" with the PIN string. ;)

And then, of course, if a user is to set a new pin, he or she should be able 
to easily type it in correctly a second time. >:)

You could develop your own pinentry application.

Note that pinentry-0.9 in some variants can do the two entries in one dialog.


-- (CEO) (Founding GA Member)
Intevation GmbH, Osnabrück, Germany; Amtsgericht Osnabrück, HRB 18998
Owned and run by Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20141031/adec369e/attachment.sig>

More information about the Gnupg-users mailing list