Re: sudo + gpg - howto?

To: debian-user@lists.debian.org
Subject: Re: sudo + gpg - howto?
From: Michael Luecke <mluecke@mailbox.org>
Date: Sun, 27 Nov 2016 12:12:48 +0100
Message-id: <[🔎] c2abfad3-8cba-790f-91c6-6a7ca06c9ead@mailbox.org>
In-reply-to: <[🔎] 87k2bp70fu.fsf@alfa.kjonca>
References: <[🔎] 87k2bp70fu.fsf@alfa.kjonca>

On 11/27/2016 10:10 AM, Kamil Jońca wrote:

2. cannot run pinentry (my guess is that tty is owned by user kjonca and
pinentry should be as user backup)

That's the problem. The owner of ttyX must match with the user for whichpinentry is running.


You could change the permissions of tty to the backup user with
# chown backup /dev/ttyX

So my questions are:
1. is it possible to use passphrase-fd/passphrase-file options?
2. if not, how can I configure gpg/gpgagen/sudo/whatever in order to
enter passphrase as sudo target  user?

You could also try putting the option "allow-loopback-pinentry" to~/.gnupg/gpg-agent.conf and restarting the agent.

Then you could start gpg with '--pinentry-mode loopback' or put"pinentry-mode loopback" to ~/.gnupg/gpg.conf.

That worked for me with GnuPG 2 some time ago when I had a similarproblem with duplicity.


Best Regards,
Michael

Reply to:

Follow-Ups:
- Re: sudo + gpg - howto?
  - From: kjonca@poczta.onet.pl (Kamil Jońca)

References:
- sudo + gpg - howto?
  - From: kjonca@poczta.onet.pl (Kamil Jońca)

Prev by Date: How to get ssh to run in daemon script
Next by Date: Re: Error message from GParted, means what?
Previous by thread: sudo + gpg - howto?
Next by thread: Re: sudo + gpg - howto?
Index(es):
- Date
- Thread