pinentry-qt and on-screen keyboards
Jakob Bohm
jb-gnumlists at wisemo.com
Thu Apr 10 14:09:56 CEST 2025
On 4/9/2025 23:57:24, Stuart Longland via Gnupg-users wrote:
> Hi all,
>
> I recently bought a second hand Panasonic Toughpad FZ-G1 which is a
> tablet form-factor PC. I've loaded it with Debian 12 using the KDE
> Plasma desktop (using X11 for now) and have `xvkbd` set up as a
> virtual keyboard.
>
> It is important to note this machine has a single USB (USB3 type A)
> port and *NO* hardware keyboard beyond a couple of macro buttons on
> the bezel.
>
> pinentry, it seems, does not get along with xvkbd. When I need to
> unlock a private key, pinentry (I'm using pinentry-qt) blocks input
> events from all other applications, including xvkbd. I'm not sure the
> situation would change if I used something else.
>
> While I can understand this on a standard keyboard-equipped computer
> in normal circumstances, doing it on a touchscreen-driven tablet is
> ridiculous. I basically cannot use GnuPG at all on this computer
> unless my keys are stored without a passphrase, which is demonstrably
> worse security than pinentry preventing input to other applications.
>
> Is there a way to relax this restriction?
Ditto,
As someone who co-writes other tools that deal with the user terminal in
"unexpected" ways, hardwired "features" that restrict terminal
input/output to/from "sensitive" entry fields tend to be a PITA and a
major problem when the actual user that needs to handle the secret has
no access other than through something that such a "feature" blocks.
I have not had opportunity to test our tools with pinentry-qt yet, but
thanks for the heads up about this misfeature.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the Gnupg-users
mailing list