https://bugs.kde.org/show_bug.cgi?id=458085

--- Comment #28 from michaelk83 <mk.mat...@gmail.com> ---
(In reply to michaelk83 from comment #27)
> A more robust approach is to check if the key/passphrase are already loaded 
> into gpg-agent,
> and if not, display a prompt and pre-load the passphrase before trying to 
> unlock.
This is also not ideal, since it will force manual entry of the passphrase.
This would break the workflow for users that prefer to use a smart-card, for
example.

The fundamental problem is that KWallet relies on an external tool (GPG) for
its encryption, instead of a library. If that tool tries to load the passphrase
from KWallet, we get this bug.

But I found that one should be able to control this for GPG using it's
`pinentry` setting - https://wiki.archlinux.org/title/GnuPG#pinentry . In
particular:
> `/usr/bin/pinentry-gtk-2` and `/usr/bin/pinentry-gnome3` support the DBus 
> Secret Service API,
> which allows for remembering passwords via a compliant manager such as GNOME 
> Keyring or KeePassXC.
The same problem should occur with the old KWallet API if `pinentry-kwallet` is
used.

So using a different pinentry program should fix this bug without changing any
code, and without the problems of the other solutions I've proposed above.
@nic.christin, could you try entering the following line in your
`gpg-agent.conf`:
> pinentry-program /usr/bin/pinentry-qt
You may need to install the `pinentry-qt` package.

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to