With gpg2, it seems that as soon as you cat a batch.command sequence in, one 
can no longer use a pure terminal-style TTY approach to having the agent fetch 
your password (gpg: signing failed: Inappropriate ioctl for device, gpg: 
make_keysig_packet failed: Inappropriate ioctl for device) as soon as the TTY 
is used for the patch file.

Instead on 2.1.15 one has to use allow-loopback-pinentry in the gpg-agent.conf 
to make constructs such as:

        cat batch.commands | gpg2 --no-tty --batch --passphrase-XX XX --command-fd 0 --pinentry-mode loopback  …

possible to make this work.  And that works fine.

Now obviously that leaves the task of getting the password to something to put 
it in a file, file descriptor or cmd-arg. Which is not ideal, as gpg-agent and 
pinentry are made for that.

So - is there any way to allow a (for the occasionally specially started 
gpg-agent) to ask and pre-cache the password?

And then let the batch.commands (which does a complex dance of subkey renewal 
and some chip card shuffling) run against that?

Or to somehow use a pure TTY-based pinentry in such a setting (it is an 
offline machine with barely more than a serial connection).

Insights much appreciated!

Dw.






_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
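
The loopback setup described in the message above, with the passphrase typed at the terminal and handed to gpg2 on file descriptor 3 while the command sequence stays on fd 0, so it appears in neither a file nor argv. This is an added example, not part of the original post; the function names and the PASS_SRC variable are assumptions, and --passphrase-fd is a standard gpg option that the post does not mention.

```shell
#!/bin/sh
# Added example (not from the original post). Function names and PASS_SRC
# are assumptions made for illustration.

# Add allow-loopback-pinentry to gpg-agent.conf once, then stop the agent
# so the next gpg2 call starts it with the new setting.
enable_loopback() {
    dir="${GNUPGHOME:-$HOME/.gnupg}"
    mkdir -p "$dir" && chmod 700 "$dir"
    grep -qx 'allow-loopback-pinentry' "$dir/gpg-agent.conf" 2>/dev/null ||
        echo 'allow-loopback-pinentry' >>"$dir/gpg-agent.conf"
    gpgconf --kill gpg-agent 2>/dev/null || true
}

# Read one line from $1 (default /dev/tty). On a real terminal, prompt
# there and switch echo off while typing; restore it afterwards.
read_passphrase() {
    src="${1:-/dev/tty}"
    if saved=$(stty -g <"$src" 2>/dev/null); then
        trap 'stty "$saved" <"$src"; exit 130' INT TERM
        printf 'Passphrase: ' >"$src"
        stty -echo <"$src"
        IFS= read -r pass <"$src"
        stty "$saved" <"$src"
        trap - INT TERM
        printf '\n' >"$src"
    else
        IFS= read -r pass <"$src"   # not a terminal: plain read
    fi
    printf '%s\n' "$pass"
}

# run_batch COMMAND_FILE [gpg2 arguments...]
# fd 0 carries the command sequence, fd 3 the passphrase. printf is a
# builtin in bash and dash, so the passphrase never appears in argv.
run_batch() {
    cmds="$1"; shift
    pass=$(read_passphrase "${PASS_SRC:-/dev/tty}") || return 1
    # 3<&0 duplicates the pipe onto fd 3 before fd 0 is pointed at $cmds.
    printf '%s\n' "$pass" |
        gpg2 --batch --no-tty --pinentry-mode loopback \
             --passphrase-fd 3 --command-fd 0 "$@" 3<&0 <"$cmds"
    rc=$?
    unset pass
    return "$rc"
}

# Usage: enable_loopback; run_batch batch.commands --edit-key <KEYID>
```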
