-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pinentry doesn't allow pasting password #2688
Comments
As I understand it, pinentry is something of a protocol -- if you don't like the program providing /usr/bin/pinentry (probably pinentry-gtk-2) on your machine, you can install a different one, like perhaps pinentry-qt4.
Another reason might be that X clients all share access to the clipboard, so you'd have to trust all of the ones you're running. |
pinentry-qt4 also prevents pasting. Uninstalling these and installing pinentry-curses switches to a non-graphical UI which does allow pasting successfully. |
Thanks @cliochris; removing |
The keybase client will unconditionally use pinentry-gtk-2 if it exists. |
|
@maxtaco thanks. Also, keybase should have an option similar to gpg-agent's 'no-grab' which stops pinentry from stealing all input |
On Linux, you use pinentry to collect the password. pinentry does not allow pasting from the copy-paste buffer.
I believe this is for security; the hope is that you never store the password in plain-text anywhere.
However, that's overly restrictive for me. I'd prefer to use a stronger password than I can possibly memorise, protected using full-disk encryption and 2FA. It would be far more convenient for me if you allowed me to paste my password, perhaps accompanied by a warning.
This may already be possible with pinentry and I just don't know how to configure it. Alternatively, this may be impossible with pinentry and you should consider allowing alternate programs to collect the passphrase.
The text was updated successfully, but these errors were encountered: