Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

pinentry-kwallet(1) [debian man page]

PINENTRY-KWALLET(1)					    BSD General Commands Manual 				       PINENTRY-KWALLET(1)

NAME

     pinentry-kwallet -- kwallet-based pass-phrase dialog for use with GnuPG

SYNOPSIS

     pinentry-kwallet [-q] [options]

DESCRIPTION

     pinentry-kwallet is a kwallet- and pinentry-based pass-phrase dialog for use with GnuPG.  It is intended to be called from the gpg-agent(1)
     daemon and not invoked directly.

     pinentry-kwallet replaces the regular pinentry-program stanza set in ~/.gnupg/gpg-agent.conf and looks up the passphrases requested in the
     KWallet first, falling back to pinentry only if not found.  The user is given the option to store it in the KWallet afterwards.  Negative
     answers to this are also stored in the KWallet to avoid asking each time.

     pinentry-kwallet (like other pinentry variants) talks a simplified subset of the regular Assuan protocol on stdio; all commands, even unknown
     ones, are passed through to a pinentry co-process during run-time, even if the latter is never used.  It accepts the same options as
     pinentry, even unknown ones, because it is designed to plug in.  As an exception, -q makes pinentry-kwallet more quiet (suppress warnings on
     stderr), and -V displays the version on stderr (unless -q).

     pinentry-kwallet attempts sophisticated error handling: if an error dialogue is displayed, an internal counter is increased.  If the counter
     reaches 2, the value stored in the KWallet is ignored, and the user is asked anew.  The counter is stored in the KWallet, which is suboptimal
     but necessary, because gpg2(1) does not re-use the Assuan sessions, instead spawning a new pinentry-kwallet each time a passphrase is
     required (rather stupid).	Error counters are valid for 15 seconds since their last increasement.

RETURN VALUES

     pinentry-kwallet exits 1 if it is called recursively, 0 if help or version information are requested, and return codes do not matter in any
     other cases because errors are signalled in-band.	It will exit 0 after the Assuan session is terminated.

ENVIRONMENT

     DISPLAY   The X11 display to use for child processes.  If not set, pinentry-kwallet will immediately replace itself with the slave PINENTRY
	       programme to use.

     GPG_TERM  Terminal type of the current tty.

     GPG_TTY   The current terminal.

     PINENTRY  The pinentry programme to use.  Default: ``pinentry''

SEE ALSO

     date(1), gpg-agent(1), gpg2(1), kwalletcli(1), kwalletcli_getpin(1), mksh(1), pinentry-curses(1), pinentry-gtk-2(1), pinentry-qt(1),
     pinentry-x11(1)

AUTHORS

     pinentry-kwallet was written by Thorsten Glaser <tg@mirbsd.org> mostly for tarent GmbH.

CAVEATS

     Some newer pinentry features, such as three-button operation, are not supported yet.

     Some commands, such as version inquiry, as passed through to the pinentry coprocess indiscriminately, which may lead to strange results,
     should the protocol change or extend.

BSD
								   May 10, 2011 							       BSD

Check Out this Related Man Page

GPG-PRESET-PASSPHRASE(1)					 GNU Privacy Guard					  GPG-PRESET-PASSPHRASE(1)

NAME

       gpg-preset-passphrase - Put a passphrase into gpg-agent's cache

SYNOPSIS

       gpg-preset-passphrase [options] [command] cache-id

DESCRIPTION

       The  gpg-preset-passphrase  is a utility to seed the internal cache of a running gpg-agent with passphrases.  It is mainly useful for unat-
       tended machines, where the usual pinentry tool may not be used and the passphrases for the to be used keys are given at machine startup.

       Passphrases set with this utility don't expire unless the --forget option is used to explicitly clear them from the cache --- or  gpg-agent
       is  either  restarted  or  reloaded (by sending a SIGHUP to it).  It is necessary to allow this passphrase presetting by starting gpg-agent
       with the --allow-preset-passphrase.

       gpg-preset-passphrase is invoked this way:

	 gpg-preset-passphrase [options] [command] cacheid

       cacheid is either a 40 character keygrip of hexadecimal characters identifying the key for which the passphrase should be set  or  cleared.
       The keygrip is listed along with the key when running the command: gpgsm --dump-secret-keys.  Alternatively an arbitrary string may be used
       to identify a passphrase; it is suggested that such a string is prefixed with the name of the application (e.g foo:12346).

       One of the following command options must be given:

       --preset
	      Preset a passphrase. This is what you usually will use. gpg-preset-passphrase will then read the passphrase from stdin.

       --forget
	      Flush the passphrase for the given cache ID from the cache.

	      The following additional options may be used:

       -v

       --verbose
	      Output additional information while running.

       -P string

       --passphrase string
	      Instead of reading the passphrase from stdin, use the supplied string as passphrase.  Note that this makes  the  passphrase  visible
	      for other users.

SEE ALSO

       gpg(1), gpgsm(1), gpg-agent(1), scdaemon(1)

       The full documentation for this tool is maintained as a Texinfo manual.	If GnuPG and the info program are properly installed at your site,
       the command

	 info gnupg

       should give you access to the complete manual including a menu structure and an index.

GnuPG 2.0.19							    2014-06-26						  GPG-PRESET-PASSPHRASE(1)
Man Page