Workaround for missing pinentry support in gpg-preset-passphrase? (was: How to avoid Passphrase prompt)

Peter Lebbing peter at
Fri Feb 2 12:52:02 CET 2018

On 02/02/18 12:23, Peter Lebbing wrote:
> Do this every time after starting the server/starting gpg-agent, to unlock 
> the key:
> gpg-preset-passphrase --preset 15CB764B81D542CF921978CA89910C69D53F4E2D
> (Type in the password. Currently no pinentry support.)

It is a pity gpg-preset-passphrase currently has no pinentry support.

While doing the dishes, I thought: can't we work around that for a bit? 

I'd like to know what people think of this hack:

--8<---------------cut here---------------start------------->8---
gpg-connect-agent -q '/datafile -' 'get_passphrase --data workaround:pass + Enter+passphrase: +' 'clear_passphrase workaround:pass' /bye | /usr/lib/gnupg2/gpg-preset-passphrase --preset 15CB764B81D542CF921978CA89910C69D53F4E2D
--8<---------------cut here---------------end--------------->8---

As far as I can tell, the first part neatly echoes a pinentry-obtained 
passphrase on stdout. This is then passed to gpg-preset-passphrase.

A neat work-around? Or an ugly hack that leads to system compromise, 
uncontrolled nuclear fusion in the processor and a new world war?

(By the way, I didn't know how to pass an empty string, and all the 
prompts are not optional despite what "help" says. So I passed single 
spaces for the text.)



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list