help-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Passphrase caching for GnuPG in Emacs?

From: tomas
Subject: Re: Passphrase caching for GnuPG in Emacs?
Date: Mon, 9 Nov 2015 14:50:22 +0100
User-agent: Mutt/1.5.21 (2010-09-15) 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Nov 09, 2015 at 02:55:40PM +0100, Jens Lechtenboerger wrote:
> On 2015-11-09, at 09:45, tomas@tuxteam.de wrote:
> 
> > On Sun, Nov 08, 2015 at 05:00:56PM +0100, Jens Lechtenboerger wrote:
> >> Hi there,
> >>
> >> I plan to refactor the code used for GnuPG in the Message mode of
> >> Emacs [...]

> > The last time I gave gpg 2 a try, a crude GTK dialog appeared from
> > nowhere (disrupting my command line workflow). I just ran away,
> > screaming.
> >
> > It seems there's a command-line pinentry these days. From Emacs,
> > my dream would be that it's Emacs which handles user interaction.
> 
> What you describe is the default for GUIs, I guess.

yes, I suppose.

> If I use the option
> pinentry-program /usr/local/bin/pinentry-curses
> in gpg-agent.conf and start Emacs within a terminal (option -nw),
> then the passphrase needs to be entered within the terminal window,
> whose contents get replaced by pinentry-curses while entering the
> passphrase.  Would that be good enough for you?

That would force me to use Emacs -nw. Hmmm.

> Moreover, as mentioned above there is Emacs support in pinentry,
> which can be enabled by configure options at compile time.

Yep, that'll be it. I'm aware of the risks[1], I'll take them. Thanks
for pointing me to a solution.

> >From the pinentry info pages:
>    “Having Emacs get the passphrase is convenient, however, it is a
> significant security risk [...]

> Out of curiosity: Are you customizing any of the 8 variables related
> to passphrase caching that I mentioned in my earlier message?

No. Your changes won't affect me. My question was on a tangent anyway,
but thanks for the clarifications.

[1] If someone takes over my Emacs I'm SOL anyway. All my data go down
in flames :-)

Regards
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlZApJ4ACgkQBcgs9XrR2kZ73gCfbwJpAAdMrzdRCartF9kL3FNK
ANoAmwVTM18AhtjlUWFWmTzSIpJIoibO
=NOky
-----END PGP SIGNATURE-----
reply via email to
[Prev in Thread] Current Thread [Next in Thread]