On Wednesday 29 October 2014 at 22:29:07, Florin Andrei wrote: > Ideally, I would run a script, have the user type in the new PIN, and > the script would run "gpg --change-pin", do another thing with the PIN > string after that, then discard it. > > The problem, of course, is that pinentry is launched. Now the user has > to type the PIN several times. It's cumbersome and error-prone.
The idea of pinentry is that there is a most direct connection between the user and the gpg-agent, holding the secret key. It does not want to let other software do "another thing" with the PIN string. ;) And then, of course, if a user is to set a new pin, he or she should be able to easily type it in correctly a second time. >:) You could develop your own pinentry application. Note that pinentry-0.9 in some variants can do the two entries in one dialog. Best, Bernhard -- www.intevation.de/~bernhard (CEO) www.fsfe.org (Founding GA Member) Intevation GmbH, Osnabrück, Germany; Amtsgericht Osnabrück, HRB 18998 Owned and run by Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
