On 11/27/2016 10:10 AM, Kamil Jońca wrote:
2. cannot run pinentry (my guess is that tty is owned by user kjonca and pinentry should be as user backup)
That's the problem. The owner of ttyX must match with the user for which pinentry is running.
You could change the permissions of tty to the backup user with # chown backup /dev/ttyX
So my questions are: 1. is it possible to use passphrase-fd/passphrase-file options? 2. if not, how can I configure gpg/gpgagen/sudo/whatever in order to enter passphrase as sudo target user?
You could also try putting the option "allow-loopback-pinentry" to ~/.gnupg/gpg-agent.conf and restarting the agent.
Then you could start gpg with '--pinentry-mode loopback' or put "pinentry-mode loopback" to ~/.gnupg/gpg.conf.
That worked for me with GnuPG 2 some time ago when I had a similar problem with duplicity.
Best Regards, Michael