Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

pinentry-support #50

Open
shibumi opened this issue Jun 22, 2021 · 6 comments
Open

pinentry-support #50

shibumi opened this issue Jun 22, 2021 · 6 comments

Comments

@shibumi
Copy link

shibumi commented Jun 22, 2021

Hi,

nice project! It would be cool to have pinentry support like bemenu has via pinentry-bemenu.

@l4l
Copy link
Owner

l4l commented Jun 25, 2021

Hey, thanks for reaching out. I've never used the pinentry yet, so could you please describe the usecase in more details. I want to ensure that it does not fits the dialog mode for example.

@shibumi
Copy link
Author

shibumi commented Jun 25, 2021

pinentry is a small collection of dialog programs that allow GnuPG to read passphrases and PIN numbers in a secure manner. There are versions for the common GTK and Qt toolkits as well as for the text terminal (Curses).

With bemenu (a demenu like menu) a menu pops up when I use my Yubikey and it asks me for a PIN code.

@l4l
Copy link
Owner

l4l commented Jun 26, 2021

Is there something that trigger program launch or you do it manually? I have no Yubikey, but would like to test is somehow.

@shibumi
Copy link
Author

shibumi commented Jun 26, 2021

@l4l you can test it without a yubikey as well. Just install Gnupg and set the following in your gpg-agent.conf file located in $HOME/.gnupg/gpg-agent.conf:

allow-loopback-pinentry
pinentry-program /usr/bin/<your pinentry program>
max-cache-ttl 60480000
default-cache-ttl 60480000

If you just want to have a look on how this work, you could install one of the following pinentry programs for playing around with it:

pinentry usr/bin/pinentry-curses
pinentry usr/bin/pinentry-emacs
pinentry usr/bin/pinentry-gnome3
pinentry usr/bin/pinentry-gtk-2
pinentry usr/bin/pinentry-qt
pinentry usr/bin/pinentry-tty

Just generate a new GPG key... seal it with a password and try to do operations with it. For example encrypting a file with GPG.
This will trigger the pinentry menu where you will be asked for a password of the sealed GPG key.

@shibumi
Copy link
Author

shibumi commented Jun 26, 2021

More Information can be found here: https://github.com/gpg/pinentry

@skewballfox
Copy link

btw, I think pin-entry is also used by things like gnome-keyring and (I believe) systemd when it needs to prompt a user for authentication

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants