Decide which pinentry we want to ship
Originally created by @segfault on #11099 (Redmine)
We are currently shipping pinentry-gtk2 from Debian jessie.
There are multiple problems with it:
-
It causes the GNOME shell menus to become unresponsive (#11038 (closed))
-
It is not well integrated within GNOME (#9555 (closed))
-
It doesn’t allow pasting which makes it hardly usable with KeePassX, because it needs the autotype feature, which:
-
is unintuitive to use (in contrast to the copy/paste method, which every user knows how to use)
-
is buggy (#10940 (closed))
-
by default types the user name together with the passphrase, which won’t unlock the PGP key and keeps the user confused about what happened, because pinentry only displays dots instead of the characters typed
-
makes it much more likely to leak the password in general, as it types enter automatically after it types the password, so it automatically SENDS the password in IRC if you accidentally focussed the client before you use the autotype feature (this is not true in the case of the pinentry, because it grabs the keyboard - but I don’t think users should have to use the autotype at all)
Related issues
- Related to #9555 (closed)
- Related to #11038 (closed)
- Related to #11239 (closed)
- Related to #12733 (closed)