pinentry doesn't allow pasting password

[yegct]

On Linux, you use pinentry to collect the password. pinentry does not allow pasting from the copy-paste buffer.

I believe this is for security; the hope is that you never store the password in plain-text anywhere.

However, that's overly restrictive for me. I'd prefer to use a stronger password than I can possibly memorise, protected using full-disk encryption and 2FA. It would be far more convenient for me if you allowed me to paste my password, perhaps accompanied by a warning.

This may already be possible with pinentry and I just don't know how to configure it. Alternatively, this may be impossible with pinentry and you should consider allowing alternate programs to collect the passphrase.

[cjb]

As I understand it, pinentry is something of a protocol -- if you don't like the program providing /usr/bin/pinentry (probably pinentry-gtk-2) on your machine, you can install a different one, like perhaps pinentry-qt4.

I believe this is for security; the hope is that you never store the password in plain-text anywhere.

Another reason might be that X clients all share access to the clipboard, so you'd have to trust all of the ones you're running.

[yegct]

pinentry-qt4 also prevents pasting. Uninstalling these and installing pinentry-curses switches to a non-graphical UI which does allow pasting successfully.

[guiambros]

Thanks @cliochris; removing pinentry-qt4 and pinentry-gtk2 and keeping only pinentry-curses solved for me as well.

[daurnimator]

The keybase client will unconditionally use pinentry-gtk-2 if it exists.
Please provide a way to turn this off: I don't want to uninstall it, but I don't want keybase to use it

[maxtaco]

keybase config set pinentry.path /path/to/your/pinentry

[daurnimator]

@maxtaco thanks.

Also, keybase should have an option similar to gpg-agent's 'no-grab' which stops pinentry from stealing all input