1PINENTRY-KWALLET(1)       BSD General Commands Manual      PINENTRY-KWALLET(1)
2

NAME

4     pinentry-kwallet — kwallet-based pass-phrase dialog for use with GnuPG
5

SYNOPSIS

7     pinentry-kwallet [-q] [options]
8

DESCRIPTION

10     pinentry-kwallet is a kwallet- and pinentry-based pass-phrase dialog for
11     use with GnuPG.  It is intended to be called from the gpg-agent(1) daemon
12     and not invoked directly.
13
14     pinentry-kwallet replaces the regular pinentry-program stanza set in
15     ~/.gnupg/gpg-agent.conf and looks up the passphrases requested in the
16     KWallet first, falling back to pinentry only if not found.  The user is
17     given the option to store it in the KWallet afterwards.  Negative answers
18     to this are also stored in the KWallet to avoid asking each time.
19
20     pinentry-kwallet (like other pinentry variants) talks a simplified subset
21     of the regular Assuan protocol on stdio; all commands, even unknown ones,
22     are passed through to a pinentry co-process during run-time, even if the
23     latter is never used.  It accepts the same options as pinentry, even un‐
24     known ones, because it is designed to plug in.  As an exception, -q makes
25     pinentry-kwallet more quiet (suppress warnings on stderr), and -V dis‐
26     plays the version on stderr (unless -q).
27
28     pinentry-kwallet attempts sophisticated error handling: if an error dia‐
29     logue is displayed, an internal counter is increased.  If the counter
30     reaches 2, the value stored in the KWallet is ignored, and the user is
31     asked anew.  The counter is stored in the KWallet, which is suboptimal
32     but necessary, because gpg2(1) does not re-use the Assuan sessions, in‐
33     stead spawning a new pinentry-kwallet each time a passphrase is required
34     (rather stupid).  Error counters are valid for 15 seconds since their
35     last increasement.
36

RETURN VALUES

38     pinentry-kwallet exits 1 if it is called recursively, 0 if help or ver‐
39     sion information are requested, and return codes do not matter in any
40     other cases because errors are signalled in-band.  It will exit 0 after
41     the Assuan session is terminated.
42

ENVIRONMENT

44     DISPLAY   The X11 display to use for child processes.  If not set,
45               pinentry-kwallet will immediately replace itself with the slave
46               PINENTRY program to use.
47
48     GPG_TERM  Terminal type of the current tty.
49
50     GPG_TTY   The current terminal.
51
52     PINENTRY  The pinentry program to use.  Default: “pinentry”
53

SEE ALSO

55     date(1), gpg-agent(1), gpg2(1), kwalletcli(1), kwalletcli_getpin(1),
56     mksh(1), pinentry-curses(1), pinentry-gtk-2(1), pinentry-qt(1),
57     pinentry-x11(1)
58

AUTHORS

60     pinentry-kwallet was written by mirabilos <m@mirbsd.org> mostly for tar‐
61     ent solutions GmbH.
62

CAVEATS

64     Some newer pinentry features, such as three-button operation, are not
65     supported yet.
66
67     Some commands, such as version inquiry, as passed through to the pinentry
68     coprocess indiscriminately, which may lead to strange results, should the
69     protocol change or extend.
70
71BSD                            November 19, 2020                           BSD
Impressum