Richard Stallman <[email protected]> wrote: > > Well, Iʼve tried, and the key obstacle now is that there seems to be > nothing to fix: with either GnuPG 2.1 or GnuPG 2.2 setting: > > > (setq epa-pinentry-mode 'loopback) ;; for Emacs 26 > > (setq epg-pinentry-mode 'loopback) ;; for Emacs 27 > > Please note that I use Emacs on a text terminal.
Sure, I kept that in mind. > That is what creates the problem. Yes, indeed. pinentry-curses(1) (which is used by default when no graphics is available) compete with Emacs for exclusive control over input, so once it started, it may be hard even to leave it without switching to the secondary TTY and typing ‘$ killall pinentry’. With pinentry-tty(1) the situation is no way better. They are specifically designed that way for security reasons. > Also, I don't know what 'loopback' does. It might not be what I want. You want not to retype the passphrase on every access to the private key. This requires using gpg-agent(1), which in modern GPG is the daemon that actually does the stuff, while gpg(1) is a mere frontend to it. When gpg-agent need a passphrase to be typed in, it may either: (1) launch a pinentry command; or (2) send a request for it back to gpg(1) (or whatever frontend is used). Default is to do the former, ‘loopback’ instructs it to do the latter. Indeed, this is not the only way to use GPG 2 and Emacs on the same TTY, but the closest one to the legacy GPG 1 setup, that you are using now. Another way is to use pinentry.el, which can be installed from elpa.gnu.org. However it needs support by pinentry itself, which is intentionally disabled in many distributions (e. g. Debian) for another bunch of security reasons.
signature.asc
Description: PGP signature
