Is there some way of configuring pinentry-mac, which I currently use to enter the passphrase for my OpenPGP card (a Yubikey), or a different program that'll store the passphrase in the macOS 'Keychain', so that I just have to use 'TouchID' rather than type it out?
Asked
Active
Viewed 1,659 times
5
OJFord
- 621
- 3
- 8
- 20
-
See the article [Set up Keybase.io, GPG & Git to sign commits on GitHub](https://github.com/pstadler/keybase-gpg-github) and especially the section "Optional: In case you're prompted to enter the password every time" which describes using gpg-agent with pinentry-mac. – harrymc Feb 24 '20 at 07:08
-
Post seems to be dead. – harrymc Mar 02 '20 at 20:54
1 Answers
4
I was looking into something similar (minus the Yubikey) and found out that pinentry-mac does not support Touch ID (not yet at least). I ended up writing pinentry-touchid a "wrapper"/integration around pinentry-mac that asks confirmation (via Touch ID) when retrieving the password from the macOS Keychain.
I do not currently have a Yubikey, but pinentry-touchid speaks the assuan IPC protocol to communicate with the gpg-agent. I'm guessing that it should work in this case as well. If something doesn't work, feel free to open an issue.
Jorge Luis
- 141
- 5