gpg-agent/pinentry: How to verify calling application

Hartmut Knaack knaack.h at gmx.de
Wed Jul 19 00:10:34 CEST 2017


Werner Koch schrieb am 16.07.2017 um 21:17:
> On Sun, 16 Jul 2017 09:30, dkg at fifthhorseman.net said:
> 
>> I don't think there's currently any plan to do anything like this, but
> 
> Actually this is implemented since GnuPG 2.1.19 (Debian has 2.1.18,
> though) when used withwith a pinentry from Git after 2017-02-03.  There
> you will see in the titlebar something like
> 
>   [PID]@HOSTNAME (gpg --clearsign)
> 

I hope not to get too far off topic, but I encountered that suspicious
request of pinentry right after loggin into KDE, again. So, with the PID it
provided, I checked with ps aux:

me        2486  0.0  0.0  34028  3940 ?        SL   21:46   0:00 gpg2 --enable-special-filenames --batch --no-sk-comments --status-fd 11 --no-tty --charset utf8 --enable-progress-filter --exit-on-status-write-error --display :0 --ttyname kein Terminal --ttytype xterm --decrypt --output - -- -&14

And pstree outputs:

systemd---systemd---gpg2

When hitting cancel on that pinentry window, I get another window, stating
that kwallet wants to get access to my private key.
Any idea why this is happening or how I should proceed analysing? The only
legit process I would see should be my e-mail client.
Thanks,

Hartmut

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xFAC89148.asc
Type: application/pgp-keys
Size: 3086 bytes
Desc: not available
URL: </pipermail/attachments/20170719/1e8b30ea/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170719/1e8b30ea/attachment.sig>


More information about the Gnupg-users mailing list