table of contents
PINENTRY-KWALLET(1) | General Commands Manual | PINENTRY-KWALLET(1) |
NAME¶
pinentry-kwallet
—
kwallet-based pass-phrase dialog for use with
GnuPG
SYNOPSIS¶
pinentry-kwallet |
[-q ] [options] |
DESCRIPTION¶
pinentry-kwallet
is a kwallet- and
pinentry-based pass-phrase dialog for use with GnuPG. It is intended to be
called from the gpg-agent(1) daemon and not invoked
directly.
pinentry-kwallet
replaces the regular
pinentry-program
stanza set in
~/.gnupg/gpg-agent.conf and looks up the passphrases
requested in the KWallet first, falling back to
pinentry
only if not found. The user is given the
option to store it in the KWallet afterwards. Negative answers to this are
also stored in the KWallet to avoid asking each time.
pinentry-kwallet
(like other pinentry
variants) talks a simplified subset of the regular Assuan protocol on stdio;
all commands, even unknown ones, are passed through to a
pinentry
co-process during run-time, even if the
latter is never used. It accepts the same options as
pinentry
, even unknown ones, because it is designed
to plug in. As an exception, -q
makes
pinentry-kwallet
more quiet (suppress warnings on
stderr), and -V
displays the version on stderr
(unless -q
).
pinentry-kwallet
attempts sophisticated
error handling: if an error dialogue is displayed, an internal counter is
increased. If the counter reaches 2, the value stored in the KWallet is
ignored, and the user is asked anew. The counter is stored in the KWallet,
which is suboptimal but necessary, because gpg2(1) does
not re-use the Assuan sessions, instead spawning a new
pinentry-kwallet
each time a passphrase is required
(rather stupid). Error counters are valid for 15 seconds since their last
increasement.
RETURN VALUES¶
pinentry-kwallet
exits 1 if it is called
recursively, 0 if help or version information are requested, and return
codes do not matter in any other cases because errors are signalled in-band.
It will exit 0 after the Assuan session is terminated.
ENVIRONMENT¶
SEE ALSO¶
date(1), gpg-agent(1), gpg2(1), kwalletcli(1), kwalletcli_getpin(1), mksh(1), pinentry-curses(1), pinentry-gtk-2(1), pinentry-qt(1), pinentry-x11(1)
AUTHORS¶
pinentry-kwallet
was written by
mirabilos ⟨m@mirbsd.org⟩ mostly for
tarent solutions GmbH.
CAVEATS¶
Some newer pinentry features, such as three-button operation, are not supported yet.
Some commands, such as version inquiry, as passed through to the pinentry coprocess indiscriminately, which may lead to strange results, should the protocol change or extend.
November 19, 2020 | Debian |