Pages: Welcome | Projects

Pinentry etc

Tags: [ security ] [ wtf ]

I often need to use GnuPG for one reason or another.

Nobody would ever say that gpg is usable. but I find gpg2 way more annoying, for many reasons. Among them: gpg_agent and pinentry.

gpg_agent is often in the way. It happens quite often that I've got to kill the dumb agent. It must be really common to other people too, given that the first thing the manpage tells is how to kill it.

pinentry is the program that prompts you for a passphrase.

It makes sense that we have so many variants of pinentry, one for each toolkit. But if I'm invoking gpg from the command line, why on the earth should I have a graphical window showing it to me? It reminds me of this old workaround.

But it's fine, I can use pinentry-curses or even better pinentry-tty.

But why on the earth do they need to scramble my terminal, should I change my mind and send SIGINT? WTF!

It is annoying, not enough to try investigating, but still quite annoying. I'm wondering if that's a side effect of some increased terminal security (e.g. to avoid snooping of some sort?), but if so, why doesn't it happen in the same way for ssh-agent? I should eventually investigate.