From peter_e at gmx.net Mon Feb 27 13:43:04 2006 From: peter_e at gmx.net (Peter Eisentraut) Date: Mon Feb 27 14:33:31 2006 Subject: Bug#351715: pinentry doesn't work properly on dumb terminals In-Reply-To: <20060206220246.2648.33051.reportbug@catnip.gol.com> References: <20060206220246.2648.33051.reportbug@catnip.gol.com> Message-ID: <200602271343.05457.peter_e@gmx.net> This has been reported to the Debian bug tracking system. Comments? Am Montag, 6. Februar 2006 23:02 schrieb Miles Bader: > Package: pinentry > Version: 0.7.2-3 > Severity: normal > > I often want to use gpg, and thus pinentry, in an Emacs shell buffer or > the like where a "graphical" curses-based dialog like pinentry-curses > doesn't work; in some cases I do this when logged in remotely via ssh, > so pinentry-gtk doesn't work either. > > In such a case, pinentry-curses either displays gibberish (if TERM is > set, but not to something useful, e.g. to "emacs"), or simply fails (if > TERM is not set). > > Pinentry or pinentry-curses should really have a fallback mode that > simply turns off echoing and reads from the tty, just like gpg does > when gpg-agent isn't used. > > [To tell the truth, I dislike the heavyweight and intrusive > pinentry-curses dialog -- it obscures the terminal output which usually > tells me exactly why gpg is being run! -- and I'd really like to be able > to specify something like "--no-curses" and have it immediately fallback > to dumb-terminal mode when no gtk dialog is possible.] From marcus.brinkmann at ruhr-uni-bochum.de Mon Feb 27 18:19:28 2006 From: marcus.brinkmann at ruhr-uni-bochum.de (Marcus Brinkmann) Date: Mon Feb 27 19:17:56 2006 Subject: Bug#351715: pinentry doesn't work properly on dumb terminals In-Reply-To: <200602271343.05457.peter_e@gmx.net> References: <20060206220246.2648.33051.reportbug@catnip.gol.com> <200602271343.05457.peter_e@gmx.net> Message-ID: <871wxovhwf.wl%marcus.brinkmann@ruhr-uni-bochum.de> At Mon, 27 Feb 2006 13:43:04 +0100, Peter Eisentraut wrote: > > This has been reported to the Debian bug tracking system. Comments? I have no objection against going back to a simpler version of pinentry on dumb terminals, or on explicit request via an option. Anybody volunteering to implement this? Thanks, Marcus > Am Montag, 6. Februar 2006 23:02 schrieb Miles Bader: > > Package: pinentry > > Version: 0.7.2-3 > > Severity: normal > > > > I often want to use gpg, and thus pinentry, in an Emacs shell buffer or > > the like where a "graphical" curses-based dialog like pinentry-curses > > doesn't work; in some cases I do this when logged in remotely via ssh, > > so pinentry-gtk doesn't work either. > > > > In such a case, pinentry-curses either displays gibberish (if TERM is > > set, but not to something useful, e.g. to "emacs"), or simply fails (if > > TERM is not set). > > > > Pinentry or pinentry-curses should really have a fallback mode that > > simply turns off echoing and reads from the tty, just like gpg does > > when gpg-agent isn't used. > > > > [To tell the truth, I dislike the heavyweight and intrusive > > pinentry-curses dialog -- it obscures the terminal output which usually > > tells me exactly why gpg is being run! -- and I'd really like to be able > > to specify something like "--no-curses" and have it immediately fallback > > to dumb-terminal mode when no gtk dialog is possible.] > > _______________________________________________ > Gpa-dev mailing list > Gpa-dev@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gpa-dev > From wk at gnupg.org Tue Feb 28 09:44:05 2006 From: wk at gnupg.org (Werner Koch) Date: Tue Feb 28 09:47:08 2006 Subject: Bug#351715: pinentry doesn't work properly on dumb terminals In-Reply-To: <200602271343.05457.peter_e@gmx.net> (Peter Eisentraut's message of "Mon, 27 Feb 2006 13:43:04 +0100") References: <20060206220246.2648.33051.reportbug@catnip.gol.com> <200602271343.05457.peter_e@gmx.net> Message-ID: <87wtffswiy.fsf@wheatstone.g10code.de> On Mon, 27 Feb 2006 13:43:04 +0100, Peter Eisentraut said: > Am Montag, 6. Februar 2006 23:02 schrieb Miles Bader: >> I often want to use gpg, and thus pinentry, in an Emacs shell buffer or >> the like where a "graphical" curses-based dialog like pinentry-curses >> doesn't work; in some cases I do this when logged in remotely via ssh, What about M-x ansi-term then? >> Pinentry or pinentry-curses should really have a fallback mode that >> simply turns off echoing and reads from the tty, just like gpg does >> when gpg-agent isn't used. If you have this very special requirement you better use gpg --no-use-agent then. >> [To tell the truth, I dislike the heavyweight and intrusive >> pinentry-curses dialog -- it obscures the terminal output which usually >> tells me exactly why gpg is being run! -- and I'd really like to be able As of now gpg uses gpg-agent and thus pinenrty only in a very limited way; i.e. for passphrase caching. However the greater plan is to move all operations related to private keys to gpg-agent and thus gpg won't be able to decide whether a passphrase is required or not. This has been implemented in gpg2 (part of gnupg 1.9 but currently not suggested for use) as well as in gpgsm, gpg's S/MIME cousin. Further the ssh-agent included in gpg-agent uses pinentry and you can't predict when it requires input. Salam-Shalom, Werner