[Fwknop-discuss] fwknop gpg passphrase twice
Brought to you by:
mbr
From: Morgan S. <moo...@gm...> - 2012-04-26 21:33:45
|
Good afternoon :D When running fwknop with gpg options I am asked twice for the passphrase. The first time appears to be fwknop itself with the prompt, "Enter passphrase for signing:", and the next time appears to be pinentry. Is this expected behavior or should fwknop somehow slip pinentry the passphrase? Forgive the following verbosity if it's unecessary ;-) Here is the cmd I used: $ fwknop -A "tcp/22" --gpg-recipient-key A722C2C6 --gpg-signer-key D0A83360 -s -D myserver.com If I use another terminal to look at a process listing, here are some things that I see: $ ps auxw --forest | grep -A5 [g]pg <snip> moondog 14197 0.0 0.4 3436 1416 pts/3 SL+ 15:12 0:00 gpg --enable-special-filenames --no-sk-comment --status-fd 4 --no-tty --charset utf8 --enable-progress-filter --ttyname /dev/pts/3 --ttytype screen.linux --command-fd 5 --encrypt --sign --always-trust -r 56FF16D3D185E32B6B7F651942D2496DA722C2C6 -u E480D0A3D0A83360 --output - -- -&9 moondog 14199 0.0 0.3 2532 972 pts/3 SL+ 15:12 0:00 \_ gpg-agent --server moondog 14200 0.0 0.3 2044 884 pts/3 SL+ 15:12 0:00 \_ pinentry </snip> According to strace and lsof, pinentry is waiting to read on file handle 3: $ strace -fp 14200 Process 14200 attached - interrupt to quit read(3, ^C <unfinished ...> Process 14200 detached $ lsof -p 14200 | awk '$4 ~ /3/ {print $0}' pinentry 14200 moondog 3r CHR 136,3 0t0 6 /dev/pts/3 Strace says that gpg-agent is preforming a select however I don't see a file descriptor in lsof: $ strace -fp 14199 Process 14199 attached - interrupt to quit select(8, [3 7], [], [], NULL^C <unfinished ...> Process 14199 detached $ lsof -p 14199 | awk '$4 ~/8/ {print $0}' $ Strace says that gpg is trying to read from file handle 10 which appears to be a pipe: $ strace -fp 14197 Process 14197 attached - interrupt to quit read(10, ^C <unfinished ...> Process 14197 detached $ lsof -p 14197 | awk '$4 ~ /10/ {print $0}' gpg 14197 moondog 10r FIFO 0,6 0t0 4656092 pipe -- Morgan |