Skip to content
Snippets Groups Projects
Unverified Commit 32561916 authored by Sebastian Wieland's avatar Sebastian Wieland
Browse files

Automatic pinentry

parent 625bf322
No related branches found
No related tags found
1 merge request!1Automatic pinentry
......@@ -63,6 +63,14 @@ Then, add the following command to gnome-autostart. You should know how to auto-
/path/to/this/project/unlock_keyrings.sh /path/to/your_secret
```
Optionally, if you don't want to enter your GPG smartcard pin every time you log in, add it as parameter to the command. If your pin is e.g. 123456:
```
/path/to/this/project/unlock_keyrings.sh /path/to/your_secret 123456
```
This obviously weakens the security of the private key, so obviously only do this if you're comfortable with having your pin stored on your disk in plain text.
You're all set! Re-login and have a try!
## FAQ
......
......@@ -3,8 +3,9 @@
_self_bin_name="$0"
secret_file="$1"
smartcard_pin="$2"
[[ "$secret_file" = '' ]] && echo "Usage: $0 <secret_file>" && exit 1
[[ "$secret_file" = '' ]] && echo "Usage: $0 <secret_file> [<smartcard pin>]" && exit 1
function where_is_him () {
SOURCE="$1"
......@@ -22,8 +23,13 @@ function where_am_i () {
[[ "$_my_path" = "" ]] && where_is_him "$_self_bin_name" || where_is_him "$_my_path"
}
gpg_options=()
if [[ ! "$smartcard_pin" = '' ]]; then
gpg_options=("--pinentry-mode" "loopback" "--passphrase" "$smartcard_pin")
fi
cd `where_am_i` &&
gpg --decrypt "$secret_file" | bin/unlock_keyrings --secret-file - --quiet
gpg "${gpg_options[@]}" --decrypt "$secret_file" | bin/unlock_keyrings --secret-file - --quiet
exit $?
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment