Re: Web-based pinentry
yyy yyy at yyy.id.lv Thu Aug 30 12:48:45 CEST 2012 As of GnuPGv2, the --command-fd method of passing passphrases no longer seems to work. Is there an alternative I can use so that the pin entry interface is still a webpage? Please let me know what I can use to handle pin-entry in a web-based system. If I have understood correctly, in gpg2, in such cases you are supposed to use no passphrase at all. Where can I find documentation that recommends not using a passphrase? My understanding is a passphrase is important to protect private keys in the event they are acquired: http://www.gnupg.org/gph/en/manual/c481.html#AEN506 If I don't use a passphrase, how should I protect my key (other than making it difficult to physically access)? Cheers, Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Web-based pinentry
Hello, I'm the maintainer of a PHP package that integrates with GnuPG (https://github.com/gauthierm/Crypt_GPG) The package is used on a website to allow decrypting stored messages. This is accomplished using the --status-fd and --command-fd options of GnuPG, allowing the passing of passphrases. As of GnuPGv2, the --command-fd method of passing passphrases no longer seems to work. Is there an alternative I can use so that the pin entry interface is still a webpage? I would continue to use GnuPGv1, but distributions have stopped including it by default and no longer provide packages. Please let me know what I can use to handle pin-entry in a web-based system. Thanks, Mike ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Controlling number of passphrase attempts
Hi, Is it possible to control the number of times GPG asks for a passphrase? I'm writing a library using GPG with the --status-fd and --command-fd arguments. When a bad passphrase is provided, GPG tried three times to get the correct passphrase. I'd like it to try once and then fail. I would use --passphrase-fd except it does not support entering more than one passphrase in the case that something is decrypted or signed using multiple keys. Thanks, PS: Please CC me as I'm not on the list. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users