Workaround for missing pinentry support in gpg-preset-passphrase? (was: How to avoid Passphrase prompt)
Peter Lebbing
peter at digitalbrains.com
Fri Feb 2 12:52:02 CET 2018
On 02/02/18 12:23, Peter Lebbing wrote:
> Do this every time after starting the server/starting gpg-agent, to unlock
> the key:
>
> gpg-preset-passphrase --preset 15CB764B81D542CF921978CA89910C69D53F4E2D
>
> (Type in the password. Currently no pinentry support.)
It is a pity gpg-preset-passphrase currently has no pinentry support.
While doing the dishes, I thought: can't we work around that for a bit?
:-)
I'd like to know what people think of this hack:
--8<---------------cut here---------------start------------->8---
gpg-connect-agent -q '/datafile -' 'get_passphrase --data workaround:pass + Enter+passphrase: +' 'clear_passphrase workaround:pass' /bye | /usr/lib/gnupg2/gpg-preset-passphrase --preset 15CB764B81D542CF921978CA89910C69D53F4E2D
--8<---------------cut here---------------end--------------->8---
As far as I can tell, the first part neatly echoes a pinentry-obtained
passphrase on stdout. This is then passed to gpg-preset-passphrase.
A neat work-around? Or an ugly hack that leads to system compromise,
uncontrolled nuclear fusion in the processor and a new world war?
(By the way, I didn't know how to pass an empty string, and all the
prompts are not optional despite what "help" says. So I passed single
spaces for the text.)
Cheers,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180202/33fa9b0b/attachment.sig>
More information about the Gnupg-users
mailing list