On Fri, Apr 15, 2011 at 11:47:34PM -0700, Todd A. Jacobs wrote: > Currently, it looks like pinentry-gtk-2 (I'm using 0.8.0) doesn't allow > pasting from the clipboard. This is annoying, because a truly long, > randomized password is not practical to type into a hidden dialog box. It > really seems like pinentry forces one to use short, insecure passwords.
Uhm, somewhat off-topic (so marked in the subject line), and... I really don't want to start a flamewar here, but there really, really *is* a bit of a middle ground between a "short, insecure passphrase" and a "long, randomly-generated one that simply must be copy/pasted" - namely, a long, non-randomly generated one that can be written out "by hand" :) Mine, for instance, is over 30 characters long and, while it is derived from a couple of phrases, none of its components would be found by any reasonable brute-force or even dictionary attack, even by people who know me (please note that I did say "reasonable" WRT resources). > One > supposes there is a trade-off in security here, but I'm more concerned about > brute-force attacks on the passphrase than I am about someone sniffing the > clipboard--it seems that if they have access to my clipboard, they can > probably log my keystrokes, anyway, right? So offline attacks against the > key's passphrase seem more likely. > > So, I really have two questions. First, is it possible to force pinentry > dialogs to allow pasting from the clipboard? Secondly, is it possible to > force the CLI to use an alternate pinentry (say, pinentry-curses) or some > other method to populate an existing gpg-agent with a cached passphrase? G'luck, Peter -- Peter Pentchev r...@ringlet.net r...@freebsd.org pe...@packetscale.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 If this sentence were in Chinese, it would say something else.
signature.asc
Description: Digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
