Provide user PIN to gpg-agent?
Jonathan-Harbord at marubeni.com
Wed Dec 2 15:29:19 CET 2015
Thank you so much for your help! It worked.
I was using gpg4win, which of course does not include v2.1. I need to download the windows version from gnupg.org.
I had some difficulty with the syntax of a windows batch file but eventually succeeded with
gpg-connect-agent.exe --run <FILE>
Where <FILE> contained:
/definqfile PASSPHRASE <PIN>
SCD CHECKPIN <CARDID>
And where <CARDID> was the ID of the card from gpg --card-status as you suggested,
and <PIN> was a file containing the PIN.
Thank you again for your kind advice.
From: Gnupg-users [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of NIIBE Yutaka
Sent: 02 December 2015 03:07
To: gnupg-users at gnupg.org
Subject: Re: Provide user PIN to gpg-agent?
On 12/01/2015 10:50 PM, Harbord Jonathan-EURITEC wrote:
> Is it possible to pass the user PIN of a smartcard to gpg-agent in a command?
> I'd like to stop the pinentry program appearing for an automated system.
Please note that I don't have any experience like that, and I don't generally recommend such a usage.
In general, we can provide a special application specific pinentry program for such a special purpose.
In GnuPG 2.1.x, there is allow-loopback-pinentry option. When enabled it by .gnupg/gpg-agent.conf or as an argument invoking gpg-agent, we can do something like:
'/definqfile PASSPHRASE /tmp/passphrase-for-smartcard' \
"SCD CHECKPIN <CARDID>" /bye
having a file /tmp/passphrase-for-smartcard, where <CARDID> is the one in the output of 'gpg --card-status' like:
Application ID ...: D276000124010200F517000000010000
Substitute <CARDID> by D276000124010200F517000000010000.
Gnupg-users mailing list
Gnupg-users at gnupg.org
More information about the Gnupg-users