Scroll to navigation

PINENTRY-KWALLET(1) General Commands Manual PINENTRY-KWALLET(1)

NAME

pinentry-kwalletkwallet-based pass-phrase dialog for use with GnuPG

SYNOPSIS

pinentry-kwallet [-q] [options]

DESCRIPTION

pinentry-kwallet is a kwallet- and pinentry-based pass-phrase dialog for use with GnuPG. It is intended to be called from the gpg-agent(1) daemon and not invoked directly.
pinentry-kwallet replaces the regular pinentry-program stanza set in ~/.gnupg/gpg-agent.conf and looks up the passphrases requested in the KWallet first, falling back to pinentry only if not found. The user is given the option to store it in the KWallet afterwards. Negative answers to this are also stored in the KWallet to avoid asking each time.
pinentry-kwallet (like other pinentry variants) talks a simplified subset of the regular Assuan protocol on stdio; all commands, even unknown ones, are passed through to a pinentry co-process during run-time, even if the latter is never used. It accepts the same options as pinentry, even unknown ones, because it is designed to plug in. As an exception, -q makes pinentry-kwallet more quiet (suppress warnings on stderr), and -V displays the version on stderr (unless -q).
pinentry-kwallet attempts sophisticated error handling: if an error dialogue is displayed, an internal counter is increased. If the counter reaches 2, the value stored in the KWallet is ignored, and the user is asked anew. The counter is stored in the KWallet, which is suboptimal but necessary, because gpg2(1) does not re-use the Assuan sessions, instead spawning a new pinentry-kwallet each time a passphrase is required (rather stupid). Error counters are valid for 15 seconds since their last increasement.

RETURN VALUES

pinentry-kwallet exits 1 if it is called recursively, 0 if help or version information are requested, and return codes do not matter in any other cases because errors are signalled in-band. It will exit 0 after the Assuan session is terminated.

ENVIRONMENT

DISPLAY
The X11 display to use for child processes. If not set, pinentry-kwallet will immediately replace itself with the slave PINENTRY programme to use.
GPG_TERM
Terminal type of the current tty.
GPG_TTY
The current terminal.
PINENTRY
The pinentry programme to use. Default: “pinentry”

SEE ALSO

date(1), gpg-agent(1), gpg2(1), kwalletcli(1), kwalletcli_getpin(1), mksh(1), pinentry-curses(1), pinentry-gtk-2(1), pinentry-qt(1), pinentry-x11(1)

AUTHORS

pinentry-kwallet was written by Thorsten Glaser ⟨tg@mirbsd.org⟩ mostly for tarent GmbH.

CAVEATS

Some newer pinentry features, such as three-button operation, are not supported yet.
Some commands, such as version inquiry, as passed through to the pinentry coprocess indiscriminately, which may lead to strange results, should the protocol change or extend.
June 7, 2017 Debian