From owner-freebsd-ports@FreeBSD.ORG Tue Dec 23 13:44:19 2014 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 82936BA4 for ; Tue, 23 Dec 2014 13:44:19 +0000 (UTC) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 54ECA1805 for ; Tue, 23 Dec 2014 13:44:19 +0000 (UTC) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id BC539209E4 for ; Tue, 23 Dec 2014 08:44:17 -0500 (EST) Received: from web3 ([10.202.2.213]) by compute4.internal (MEProxy); Tue, 23 Dec 2014 08:44:17 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:x-sasl-enc:from:to :mime-version:content-transfer-encoding:content-type:subject :date:in-reply-to:references; s=smtpout; bh=J+fuyybQ+iDVkwyX48Ze MvIVpgY=; b=rFBawsnoJX35yNG8fUAxcg8D0LGhonYq1sbOXV4FvH6IUU0nNbvw ShTD9OeYIwXgO92h7Y/0v6o5MSSvj3tzbInQdCUa00ogIrnQQnnA+qcwz4LKfiSG LHDi43VtOk/6H2sreCbMj8Lgn+OvSsiivuVZItwjGxaSoI8iStsjxeY= Received: by web3.nyi.internal (Postfix, from userid 99) id 8FEA81101E4; Tue, 23 Dec 2014 08:44:17 -0500 (EST) Message-Id: <1419342257.1161578.206107753.2999EC08@webmail.messagingengine.com> X-Sasl-Enc: y+u0dcMuxR8gR26gzMT2oXVEXa2GPhkELtQQ+NTkKbTP 1419342257 From: Mark Felder To: freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-f9401346 Subject: Re: gnupg & pinentry Date: Tue, 23 Dec 2014 07:44:17 -0600 In-Reply-To: <20141222094630.GF52267@xtaz.uk> References: <20141222094630.GF52267@xtaz.uk> X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Dec 2014 13:44:19 -0000 On Mon, Dec 22, 2014, at 03:46, Matt Smith wrote: > On Dec 22 22:33, Jonathan Chen wrote: > >Hi, > > > >Once upon a time, installing gnupg didn't require pinentry, and I > >could run it quite happily on the command line. However, nowadays if I > >install the port it drags in pinentry and a whole set of graphical > >libraries that I don't really need on a headless box. Is pinentry > >really required for gnupg to run correctly? > > > > I believe in version 2.1.x they made entering the passphrase via > pinentry basically mandatory and deprecated being able to do it via > stdin methods. So it probably pulls in pinentry by default now. For > binary packages this is unfortunatly going to default to all the front > ends which includes ones for X. For port based source installs you can > deselect the ones for X and only leave the ncurses one which then just > pulls in one extra dependancy. Unfortunately that's the downside of > binary package installs. > > FYI, you can also re-enable passphrases by stdin if required by adding > allow-loopback-pinentry to .gnupg/gpg-agent.conf and using the > --pinentry-mode=loopback command line switch to gpg. > It looks as though it would be feasible to write an extremely lightweight pinentry-compatible program to depend on so we can kill the dependency bloat and have a simple shell-based password entry option. Anyone up for a weekend challenge? :-)