Provide user PIN to gpg-agent?

NIIBE Yutaka gniibe at fsij.org
Wed Dec 2 04:07:12 CET 2015


On 12/01/2015 10:50 PM, Harbord Jonathan-EURITEC wrote:
> Is it possible to pass the user PIN of a smartcard to gpg-agent in a command?
> 
> I'd like to stop the pinentry program appearing for an automated system.

Please note that I don't have any experience like that, and I don't
generally recommend such a usage.

In general, we can provide a special application-specific pinentry
program for such a special purpose.

In GnuPG 2.1.x, there is the allow-loopback-pinentry option.  When it is
enabled in .gnupg/gpg-agent.conf or as an argument when invoking
gpg-agent, we can do something like:

    gpg-connect-agent \
        "OPTION pinentry-mode=loopback" \
        '/definqfile PASSPHRASE /tmp/passphrase-for-smartcard' \
        "SCD CHECKPIN <CARDID>" /bye


having a file /tmp/passphrase-for-smartcard, where <CARDID> is the one
in the output of 'gpg --card-status' like:

	Application ID ...: D276000124010200F517000000010000

Substitute <CARDID> with D276000124010200F517000000010000.

Please try.
-- 
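
As an added example (not part of the original post and not GnuPG code), the following shell wrapper runs the command from the message above only after checking that the PIN file is a private regular file and that the card ID is well-formed. The function names, the owner-only file policy and the 32-hex-digit card ID check (taken from the Application ID shown in the post) are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight checks before handing a PIN file to gpg-agent.
# Function names and the policy below are assumptions, not GnuPG's own.

# Card ID as shown by 'gpg --card-status' in the post: 32 hex digits.
valid_card_id() {
    case "$1" in
        ""|*[!0-9A-Fa-f]*) return 1 ;;
    esac
    [ "${#1}" -eq 32 ]
}

# Accept only a regular file (no symlink) that we own and that has no
# group/other permission bits. Whitespace in the path is refused because
# the path is embedded in the /definqfile command line.
pin_file_is_private() {
    case "$1" in
        *[[:space:]]*) return 1 ;;
    esac
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    [ -O "$1" ] || return 1
    mode=$(ls -ld -- "$1") || return 1
    case "$mode" in
        -r[w-]-------*) return 0 ;;   # 0600 or 0400 only
        *) return 1 ;;
    esac
}

# Run the loopback CHECKPIN from the post once both checks pass.
# Returns 2 for a bad card ID and 3 for an unsafe PIN file.
checkpin_from_file() {
    card_id=$1
    pin_file=$2
    valid_card_id "$card_id" || { echo "invalid card ID" >&2; return 2; }
    pin_file_is_private "$pin_file" || { echo "PIN file is not private" >&2; return 3; }
    gpg-connect-agent \
        "OPTION pinentry-mode=loopback" \
        "/definqfile PASSPHRASE $pin_file" \
        "SCD CHECKPIN $card_id" /bye
}

# Usage: script.sh <CARDID> <pin-file>
if [ "$#" -eq 2 ]; then
    checkpin_from_file "$1" "$2"
fi
```
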


