Control: forwarded 840687 https://bugs.gnupg.org/gnupg/issue2758 Control: retitle 840687 gpg does not cope well with long passphrases
On Fri 2016-10-14 03:29:34 -0400, Josef Vítů wrote: > thanks for your prompt reply. The test setup worked just fine, but > after debugging gpg-agent as you suggested (with a higher debug-level, > though) I know where the problem is. Attaching the log is pointless I > think, as the critical line is clearly here: > > DBG: chan_10 -> SETERROR Passphrase too long (try 2 of 3) > > Looks like pinentry cannot handle passwords longer than 255 ASCII > characters (at least in my case), and there's even an abandoned bug > report about that, so maybe I should move there? > > https://bugs.gnupg.org/gnupg/issue1592 ah yes, sounds like you've found the issue. I'm retitling this bug report, because gpg should at least tell you that it doesn't like the length of your passphrases, rather than leaving it to fail mysteriously. there's also: https://bugs.gnupg.org/gnupg/issue2038 I've also just done some additional experimentation with ultra-long passphrases and the result is this additional upstream bug report: https://bugs.gnupg.org/gnupg/issue2758 fwiw, i don't think you should need more than 128 characters or so for a really strong passphrase (plain english is about 1 bit of entropy per character, and passphrases longer than 128 bits of entropy are probably pointless), and gpg's limits are supposed to be ~256 characters. But still, gpg should make those limits much more clear to the user. --dkg
signature.asc
Description: PGP signature

