From 49af92e1a8fb3c3928a8b2e5ebc67e60cb927beb Mon Sep 17 00:00:00 2001
From: Jaromil <jaromil@dyne.org>
Date: Fri, 24 Oct 2014 01:35:29 +0200
Subject: [PATCH] added documentation about pinentry to manual, fix #115

---
 doc/tomb.1 | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/doc/tomb.1 b/doc/tomb.1
index 09fa0a2..9449f5a 100644
--- a/doc/tomb.1
+++ b/doc/tomb.1
@@ -291,6 +291,15 @@ whole system's security: just add such a line to \fI/etc/sudoers\fR:
 	username ALL=NOPASSWD: /usr/local/bin/tomb
 .EE
 
+Password input is handled by the pinentry program: it can be text
+based or graphical and is usually configured with a symlink. When
+using Tomb in X11 it is better to use a graphical pinentry-gtk2 or
+pinentry-qt because it helps preventing keylogging by other X
+clients. When using it from a remote ssh connection it might be
+necessary to force use of pinentry-curses for instance by unsetting
+the DISPLAY environment var.
+
+
 .SH SWAP
 
 On execution of certain commands Tomb will complain about swap memory