marcus.brinkmann at ruhr-uni-bochum
Aug 11, 2008, 10:32 AM
Post #2 of 2
(155 views)
Permalink
|
|
Re: Passphrase caching with gpgme and gpg2
[In reply to]
|
|
At Fri, 08 Aug 2008 13:41:57 +0200,
Florian Schwind <f.schwind[at]chili-radiology.com> wrote:
>
> Hi.
>
> With gpg-1.4.9 I used the passphrase_cb() from gpgme to handle
> passphrases. What is the recommended way to handle the passphrase with
> gpgme and gpg2? Since I'm building a server application I can not use
> any form of dialog-box.
Use gpg-agent and gpg-preset-passphrase. That should already work,
but if it doesn't, it shouldn't be too hard to make it work (we only
tested it for smart cards so far).
Then your key is at least protected when the machine is off. However,
you have to call gpg-preset-passphrase interactively.
If you can't do that, why bother have a passphrase at all? The
simplest solution is to leave the key unprotected (as it is anyway if
you keep the password on the machine).
Alternatively, you can script your own pinentry replacement for use
with gpg-agent. See gpgme test suite for an example how to do this.
There are more ways, but this should get you started.
Marcus
_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
|
