Help getting gtk or qt pinentry dialog forwarded over ssh connection
Arjun
arjunkc at gmail.com
Mon Jan 24 03:12:34 CET 2022
Hi
I have a very basic gnupg setup on a remote server, with the following options set for the gpg-agent. Please cc me on the replies since I have not subscribed.
#pinentry-program /usr/bin/pinentry-curses
#pinentry-program /usr/bin/pinentry-tty
#pinentry-program /usr/bin/pinentry-qt
#pinentry-program /usr/bin/pinentry-x11
#pinentry-program /usr/bin/pinentry-gnome3
# i have tried all the above pinentry programs
pinentry-program /usr/bin/pinentry-gtk-2
allow-loopback-pinentry
default-cache-ttl 14400
max-cache-ttl 14400
debug-pinentry
debug-level 1024
I have GPG_TTY=$(tty) set in my .bashrc. However, when I ssh in
ssh remote
gpg-connect-agent updatestartuptty /bye
gpg --decrypt
I always get a curses pinentry. My gnupg is version 2.2.12 on debian buster. Here is my log.
https://pastebin.com/APTRTJ5c
DBG: chan_9 -> OK Pleased to meet you, process 15072
DBG: chan_9 <- RESET
DBG: chan_9 -> OK
DBG: chan_9 <- OPTION ttyname=/dev/pts/1
DBG: chan_9 -> OK
DBG: chan_9 <- OPTION ttytype=xterm-256color
DBG: chan_9 -> OK
DBG: chan_9 <- OPTION display=localhost:11.0
DBG: chan_9 -> OK
DBG: chan_9 <- OPTION putenv=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/b
us
DBG: chan_9 -> OK
DBG: chan_9 <- OPTION lc-ctype=en_US.UTF-8
DBG: chan_9 -> OK
DBG: chan_9 <- OPTION lc-messages=en_US.UTF-8
DBG: chan_9 -> OK
DBG: chan_9 <- GETINFO version
DBG: chan_9 -> D 2.2.12
DBG: chan_9 -> OK
DBG: chan_9 <- OPTION allow-pinentry-notify
DBG: chan_9 -> OK
DBG: chan_9 <- OPTION agent-awareness=2.1.0
DBG: chan_9 -> OK
DBG: chan_9 <- HAVEKEY <redacted>
DBG: chan_9 -> OK
DBG: chan_9 <- SETKEY <redacted>
DBG: chan_9 -> OK
DBG: chan_9 <- SETKEYDESC Please+enter+the+passphrase+to+unlock+the+OpenPGP+secr
et+key:
DBG: chan_9 -> OK
DBG: chan_9 <- PKDECRYPT
DBG: chan_9 -> S INQUIRE_MAXLEN 4096
DBG: chan_9 -> INQUIRE CIPHERTEXT
DBG: chan_9 <- [ redacted ]
DBG: chan_9 <- END
DBG: keygrip: redacted
DBG: cipher: redacted
DBG:
DBG:
sed for 30m)
DBG:
DBG:
ed cache key) ...
DBG:
Jan 23 21:03:04 mediaserver gpg-agent[15798]: starting a new PIN Entry
DBG: chan_11 <- OK Pleased to meet you, process 15798
DBG: connection to PIN entry established
DBG: chan_11 -> OPTION no-grab
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION ttyname=/dev/pts/1
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION ttytype=xterm-256color
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION lc-ctype=en_US.UTF-8
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION lc-messages=en_US.UTF-8
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION allow-external-password-cache
DBG: chan_11 <- OK Pleased to meet you, process 15798
DBG: connection to PIN entry established
DBG: chan_11 -> OPTION no-grab
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION ttyname=/dev/pts/1
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION ttytype=xterm-256color
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION lc-ctype=en_US.UTF-8
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION lc-messages=en_US.UTF-8
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION allow-external-password-cache
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION default-ok=_OK
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION default-cancel=_Cancel
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION default-yes=_Yes
DBG: chan_11 <- ERR 83886254 Unknown option <Pinentry>
DBG: chan_11 -> OPTION default-no=_No
DBG: chan_11 <- ERR 83886254 Unknown option <Pinentry>
DBG: chan_11 -> OPTION default-prompt=PIN:
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION default-pwmngr=_Save in password manager
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION default-cf-visi=Do you really want to make your passphrase visible on the screen?
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION default-tt-visi=Make passphrase visible
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION default-tt-hide=Hide passphrase
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION touch-file=/run/user/1000/gnupg/S.gpg-agent
DBG: chan_11 <- OK
DBG: chan_11 -> OPTION owner=15072 mediaserver
DBG: chan_11 <- OK
DBG: chan_11 -> GETINFO flavor
DBG: chan_11 <- D gtk2:curses
DBG: chan_11 <- OK
DBG: chan_11 -> GETINFO version
DBG: chan_11 <- D 1.1.0
DBG: chan_11 <- OK
DBG: chan_11 -> GETINFO ttyinfo
DBG: chan_11 <- D /dev/pts/1 xterm-256color -
DBG: chan_11 <- OK
DBG: chan_11 -> GETINFO pid
DBG: chan_11 <- D 15074
DBG: chan_11 <- OK
DBG: chan_9 -> INQUIRE PINENTRY_LAUNCHED 15074 gtk2:curses 1.1.0 /dev/pts/1 xterm-256color -
DBG: chan_9 <- END
Arjun
More information about the Gnupg-users
mailing list