--- Begin Message ---
Subject: |
24.3.50; epg.el and GnuPG 2.x cause unavoidable pinentry prompts for symmetrically encrypted files |
Date: |
Mon, 07 Oct 2013 14:03:08 -0400 |
1. Install GnuPG 2.x, don't run gpg-agent
2. Open file.gpg, X or curses pinentry dialog pops up
The suggested workaround is to run gpg-agent.
Problems:
- on a headless server this can lock up Emacs
- if the GPG agent is dead, locked up, or not running, there's no remedy
- the X pinentry dialog is very non-specific ("Enter passphrase") so
there's no way to know what passphrase is being requested and why if
you don't have the specific instance in focus.
- there's no way to avoid the prompt in favor of an Emacs minibuffer query
In GNU Emacs 24.3.50.2 (x86_64-unknown-linux-gnu, GTK+ Version 3.4.4)
of 2013-09-20 on flea.lifelogs.com
Bzr revision: 114415 address@hidden
Windowing system distributor `The X.Org Foundation', version 11.0.11304000
System Description: Gentoo Base System release 2.2
--- End Message ---
--- Begin Message ---
Subject: |
Re: bug#15553: 24.3.50; epg.el and GnuPG 2.x cause unavoidable pinentry prompts for symmetrically encrypted files |
Date: |
Tue, 08 Oct 2013 08:54:17 +0900 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux) |
tags 15553 notabug
thanks
Teodor Zlatanov <address@hidden> writes:
> 1. Install GnuPG 2.x, don't run gpg-agent
> 2. Open file.gpg, X or curses pinentry dialog pops up
>
> The suggested workaround is to run gpg-agent.
So you can workaround, what's your problem?
> Problems:
>
> - on a headless server this can lock up Emacs
Not a problem if you use the workaround.
> - if the GPG agent is dead, locked up, or not running, there's no remedy
Ditto.
> - the X pinentry dialog is very non-specific ("Enter passphrase") so
> there's no way to know what passphrase is being requested and why if
> you don't have the specific instance in focus.
Unreleated to this bug, please open a new one.
> - there's no way to avoid the prompt in favor of an Emacs minibuffer query
As I said a number of times, that degrades security. If the insecurity
is okay for you, what's the reason you want to use GnuPG 2.x rather than
GnuPG 1.x?
--- End Message ---