Help getting gtk or qt pinentry dialog forwarded over ssh connection

Arjun arjunkc at
Mon Jan 24 22:17:40 CET 2022

Hi Werner

I do know that I need to enable ssh X11 forwarding, and have tested it with ForwardX11 and ForwardX11Trusted 
on (-X and -Y on the command line). Unfortunately, pin entry always defaults to tty. I fully trust the machine (it's mine). xfd does say "no font to display".

In fact, if I ssh in, and run


I do get an X11 window to type my pin into. When I type in 

    getinfo ttyinfo

it does say "gtk-2". However, the logs I attached say that when I run

    gpg --decrypt ...
The GETINFO flavor command on pinentry gives 


This is the reason I'm seeing a curses pinentry when I try to gpg --decrypt something. I don't know how to get my gpg-agent to give me an X11 pinentry. 


Quoting Werner Koch (2022-01-24 12:19:09)
> On Sun, 23 Jan 2022 21:12, Arjun said:
> > I have GPG_TTY=$(tty) set in my .bashrc. However, when I ssh in 
> >
> >     ssh remote
> By default ssh does not allow X forwarding.  You need to use an extra
> option to ssh to allow X programs on the remote to work on your (local)
> X-server.
> A quick test is to run  "xfd"  If it runs and tells you no "no font to
> display" you can run X programs (like pinentry-gtk) on the remote box.
> If you do not fully trust the remote machine (and only then you should
> use X forwarding), you may still use gpg/gpgsm on the remote box:  See
> Salam-Shalom,
>    Werner
> -- 
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list