Provide user PIN to gpg-agent?
gniibe at fsij.org
Wed Dec 2 04:07:12 CET 2015
On 12/01/2015 10:50 PM, Harbord Jonathan-EURITEC wrote:
> Is it possible to pass the user PIN of a smartcard to gpg-agent in a command?
> I'd like to stop the pinentry program appearing for an automated system.
Please note that I don't have any experience like that, and I don't
generally recommend such a usage.
In general, we can provide a special application specific pinentry
program for such a special purpose.
In GnuPG 2.1.x, there is allow-loopback-pinentry option. When enabled
it by .gnupg/gpg-agent.conf or as an argument invoking gpg-agent, we
can do something like:
'/definqfile PASSPHRASE /tmp/passphrase-for-smartcard' \
"SCD CHECKPIN <CARDID>" /bye
having a file /tmp/passphrase-for-smartcard, where <CARDID> is the one
in the output of 'gpg --card-status' like:
Application ID ...: D276000124010200F517000000010000
Substitute <CARDID> by D276000124010200F517000000010000.
More information about the Gnupg-users