GNU bug report logs - #15553
24.3.50; epg.el and GnuPG 2.x cause unavoidable pinentry prompts for symmetrically encrypted files

Previous Next

Package: emacs;

Reported by: Teodor Zlatanov <tzz <at> lifelogs.com>

Date: Mon, 7 Oct 2013 18:04:02 UTC

Severity: normal

Tags: notabug

Found in version 24.3.50

Done: Daiki Ueno <ueno <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #12 received at 15553-done <at> debbugs.gnu.org (full text, mbox):

From: Daiki Ueno <ueno <at> gnu.org>
To: Teodor Zlatanov <tzz <at> lifelogs.com>
Cc: 15553-done <at> debbugs.gnu.org
Subject: Re: bug#15553: 24.3.50;
 epg.el and GnuPG 2.x cause unavoidable pinentry prompts for
 symmetrically encrypted files
Date: Tue, 08 Oct 2013 08:54:17 +0900

tags 15553 notabug
thanks

Teodor Zlatanov <tzz <at> lifelogs.com> writes:

> 1. Install GnuPG 2.x, don't run gpg-agent
> 2. Open file.gpg, X or curses pinentry dialog pops up
>
> The suggested workaround is to run gpg-agent.

So you can workaround, what's your problem?

> Problems:
>
> - on a headless server this can lock up Emacs

Not a problem if you use the workaround.

> - if the GPG agent is dead, locked up, or not running, there's no remedy

Ditto.

> - the X pinentry dialog is very non-specific ("Enter passphrase") so
>   there's no way to know what passphrase is being requested and why if
>   you don't have the specific instance in focus.

Unreleated to this bug, please open a new one.

> - there's no way to avoid the prompt in favor of an Emacs minibuffer query

As I said a number of times, that degrades security.  If the insecurity
is okay for you, what's the reason you want to use GnuPG 2.x rather than
GnuPG 1.x?
This bug report was last modified 11 years and 229 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.