gnupg & pinentry

Mark Felder feld at FreeBSD.org
Tue Dec 23 13:44:19 UTC 2014



On Mon, Dec 22, 2014, at 03:46, Matt Smith wrote:
> On Dec 22 22:33, Jonathan Chen wrote:
> >Hi,
> >
> >Once upon a time, installing gnupg didn't require pinentry, and I
> >could run it quite happily on the command line. However, nowadays if I
> >install the port it drags in pinentry and a whole set of graphical
> >libraries that I don't really need on a headless box. Is pinentry
> >really required for gnupg to run correctly?
> >
> 
> I believe in version 2.1.x they made entering the passphrase via 
> pinentry basically mandatory and deprecated being able to do it via 
> stdin methods. So it probably pulls in pinentry by default now. For 
> binary packages this is unfortunately going to default to all the front 
> ends which includes ones for X. For port based source installs you can 
> deselect the ones for X and only leave the ncurses one which then just 
> pulls in one extra dependency. Unfortunately that's the downside of 
> binary package installs.
> 
> FYI, you can also re-enable passphrases by stdin if required by adding 
> allow-loopback-pinentry to .gnupg/gpg-agent.conf and using the 
> --pinentry-mode=loopback command line switch to gpg.
> 

It looks as though it would be feasible to write an extremely
lightweight pinentry-compatible program to depend on so we can kill the
dependency bloat and have a simple shell-based password entry option.

Anyone up for a weekend challenge? :-)
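
[Added example, not part of the original message or of any FreeBSD port: a sketch of the kind of shell-only pinentry proposed above. It speaks the Assuan line protocol on stdin/stdout and reads the passphrase from the terminal named by the agent. The function names, the pinentry* file-name guard and the small command subset handled are assumptions of this sketch.]

```shell
#!/bin/sh
# Added sketch of a tty-only pinentry: Assuan commands on stdin, replies on stdout.
tty=/dev/tty   # replaced by the agent's "OPTION ttyname=..." when it sends one

# Assuan "D" lines must carry '%' and CR as %25 and %0D (LF cannot occur in a
# single line read from the terminal).
assuan_escape() {
    printf '%s' "$1" | sed -e 's/%/%25/g' -e "s/$(printf '\r')/%0D/g"
}

# Prompt on the terminal with echo off; print the passphrase on stdout.
read_pin() {   # $1 = description (shown as received, still %-escaped), $2 = prompt
    saved=$(stty -g <"$tty") || return 1
    trap 'stty "$saved" <"$tty"; exit 1' INT TERM   # never leave echo off
    printf '%s\n%s ' "$1" "$2" >"$tty"
    stty -echo <"$tty"
    IFS= read -r pin <"$tty"; rc=$?
    stty "$saved" <"$tty"; printf '\n' >"$tty"
    [ "$rc" -eq 0 ] && printf '%s' "$pin"
}

# Error codes: libgpg-error source Pinentry (5<<24) + 99 Canceled / 69 Not implemented.
serve() {
    desc='' prompt='Passphrase:'
    echo 'OK Pleased to meet you'
    while IFS= read -r line; do
        cmd=${line%% *}
        case "$line" in *' '*) arg=${line#* } ;; *) arg='' ;; esac
        case "$cmd" in
            SETDESC)   desc=$arg;   echo OK ;;
            SETPROMPT) prompt=$arg; echo OK ;;
            OPTION)    case "$arg" in ttyname=*) tty=${arg#ttyname=} ;; esac; echo OK ;;
            SET*)      echo OK ;;   # titles, button labels, etc.: accepted, unused
            GETPIN)
                if pin=$(read_pin "$desc" "$prompt"); then
                    [ -z "$pin" ] || printf 'D %s\n' "$(assuan_escape "$pin")"
                    echo OK
                else
                    echo 'ERR 83886179 Operation cancelled <Pinentry>'
                fi ;;
            BYE)       echo 'OK closing connection'; return 0 ;;
            *)         echo 'ERR 83886149 Not implemented <Pinentry>' ;;  # CONFIRM etc.
        esac
    done
}

# Serve only when installed under a pinentry* name, so sourcing defines functions only.
case "${0##*/}" in pinentry*) serve ;; esac
```

[To try it, install the script under a name such as pinentry-sh (a hypothetical name) and point the agent at it with the pinentry-program option in gpg-agent.conf.]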

