<div dir="ltr">I'd love to have gone to 2.2 but getting GnuPG to work on Solaris is extremely difficult. We tried compiling from source, but hit several roadblocks. Looking online, several others have reported the same issues, but have had no resolution. I messaged this group, but unfortunately, none of the suggestions worked.<div><br></div><div>In the end, our admins found an old packaged version of v2 on an open source for Solaris repository. The workaround was to make the virtual device terminal of the original user accessible to the su user who was creating the keys. This is a security hole that we're not happy with, but it was only temporary as we don't require an interactive passphrase following key creation.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 1 February 2018 at 05:00, Daniel Kahn Gillmor <span dir="ltr"><<a href="mailto:dkg@fifthhorseman.net" target="_blank">dkg@fifthhorseman.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On Mon 2018-01-29 15:44:56 +1300, Dan Horne wrote:<br>
> Has someone got a workaround? I need to be able to use "su" as we are not<br>
> allowed to log into the user directly. I'm also stuck with Solaris and the<br>
> specified version of GnuPG<br>
<br>
</span>the problem you're running into is that pinentry is unable to prompt you<br>
for a password.<br>
<br>
as a workaround, you could create your own pinentry that provides a<br>
password, or that can prompt you in some other way. You might be<br>
interested in some dummy pinentry implementations:<br>
<br>
<a href="https://dev.gnupg.org/source/gnupg/browse/master/tests/fake-pinentries/" rel="noreferrer" target="_blank">https://dev.gnupg.org/source/<wbr>gnupg/browse/master/tests/<wbr>fake-pinentries/</a><br>
<br>
For an actual fix, you've got quite a set of constraints here, and they<br>
might just mean that you cannot solve the problem without a workaround.<br>
<br>
Please note that the 2.0.x branch of GnuPG is no longer supported by the<br>
project.<br>
<br>
I *strongly* recommend that you try to get the 2.2.* branch installed<br>
and then you'll be able to use the loopback pinentry-mode. And you'll<br>
be running supported software.<br>
<span class="HOEnZb"><font color="#888888"><br>
--dkg<br>
</font></span></blockquote></div><br></div>