OpenPGP card and gpg-agent TTL

Matthias Apitz guru at unixarea.de
Fri Nov 12 11:15:07 CET 2021


On Monday, November 08, 2021 at 11:18:37 a.m. +0100, Matthias Apitz wrote:

> > You did the
> > 
> >  gpg-connect-agent updatestartuptty /bye
> > 
> > thing to tell gpg-agent where it shall pop up the pinentry?  Further
> > ...
> 
> Thanks for the hints. Magically it works now on its own after adding
> this to the ~purism/.bashrc (the terminal app does not source .profile).
> 
> In a SSH session a 'pass test' asks now inline for the PIN and in the
> terminal app some Gnome window pops up.

Re/ pinentry there is even more intelligent "magic": The available
pinentry pgms are:

purism@pureos:~$ which pinentry
/usr/bin/pinentry
purism@pureos:~$ ls -l /usr/bin/pinentry
lrwxrwxrwx 1 root root 26 Nov  5 18:05 /usr/bin/pinentry -> /etc/alternatives/pinentry
purism@pureos:~$ ls -l /etc/alternatives/pinentry
lrwxrwxrwx 1 root root 24 Sep 11 08:25 /etc/alternatives/pinentry -> /usr/bin/pinentry-gnome3
purism@pureos:~$ ls -l /usr/bin/pinentr*
lrwxrwxrwx 1 root root    26 Nov  5 18:05 /usr/bin/pinentry -> /etc/alternatives/pinentry
-rwxr-xr-x 1 root root 59848 May  8  2020 /usr/bin/pinentry-curses
-rwxr-xr-x 1 root root 72136 May  8  2020 /usr/bin/pinentry-gnome3
lrwxrwxrwx 1 root root    30 Sep 11 08:25 /usr/bin/pinentry-x11 -> /etc/alternatives/pinentry-x11

And when the PIN is needed in a SSH session, then the PIN is asked in
the SSH session with:

                     ┌──────────────────────────────────────────────┐
                     │ Please unlock the card                       │
                     │                                              │
                     │ Number: 0005 0000A6FE                        │
                     │ Holder: Matthias Apitz                       │
                     │                                              │
                     │ PIN ________________________________________ │
                     │                                              │
                     │      <OK>                        <Cancel>    │
                     └──────────────────────────────────────────────┘

*when* the L5 is locked; when the L5 is not locked, the PIN is asked on
its screen with /usr/bin/pinentry-gnome3. Nice!

	matthias

-- 
Matthias Apitz, ✉ guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
August 13, 1961: Better a wall than a war. And, while the GDR was still existing,
no German troops and bombs have been killed in Yugoslavia, Afghanistan, Africa...


