mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-11-28 15:56:33 +00:00
Man: merge section on Password Input
Somehow this section existed two times in the man page with similar information. Enhance it with notes regarding wayland and adjust the recommened pinentry programs. GTK2 is long time EOL and actively being fased out by distributions, which makes pinentry-gtk2 obsolete. pinentry-tty will work on every headless system or from a textual interface. pinentry-curses may end up starting if the respective ncurses is available.
This commit is contained in:
parent
75aafc0c8c
commit
be533b3995
36
doc/tomb.1
36
doc/tomb.1
@ -424,12 +424,23 @@ To avoid that tomb execution is logged by \fIsyslog\fR also add:
|
||||
|
||||
Password input is handled by the pinentry program: it can be text
|
||||
based or graphical and is usually configured with a symlink. When
|
||||
using Tomb in X11 it is better to use a graphical pinentry-gtk2 or
|
||||
pinentry-qt because it helps preventing keylogging by other X
|
||||
clients. When using it from a remote ssh connection it might be
|
||||
necessary to force use of pinentry-curses for instance by unsetting
|
||||
the DISPLAY environment var.
|
||||
using Tomb in a graphical environment (X11 or Wayland) it is better
|
||||
to use either pinentry-gtk2 (deprecated), pinentry-gnome or
|
||||
pinentry-qt because it helps preventing keylogging by other clients.
|
||||
When using it from a remote ssh connection it might be necessary to
|
||||
force use of pinentry-tty for instance by unsetting the DISPLAY (X11)
|
||||
or WAYLAND_DISPLAY (Wayland) environment var.
|
||||
This program pinentry works in conjunction with
|
||||
"gpg-agent", a daemon running in background to facilitate secret key
|
||||
management with gpg. It is recommended one runs "gpg-agent" launching
|
||||
it via the respective session initialization (in X "~/.xsession" or
|
||||
"~/.xinitrc" files) with this command:
|
||||
|
||||
.EX
|
||||
eval $(gpg-agent --daemon --write-env-file "${HOME}/.gpg-agent-info")
|
||||
.EE
|
||||
|
||||
In the future it may become mandatory to run gpg-agent when using tomb.
|
||||
|
||||
.SH SWAP
|
||||
|
||||
@ -472,21 +483,6 @@ in ".zshrc":
|
||||
alias tomb=' tomb'
|
||||
.EE
|
||||
|
||||
.SH PASSWORD INPUT
|
||||
|
||||
Tomb uses the external program "pinentry" to let users type the key password
|
||||
into a terminal or a graphical window. This program works in conjunction with
|
||||
"gpg-agent", a daemon running in background to facilitate secret key
|
||||
management with gpg. It is recommended one runs "gpg-agent" launching it from
|
||||
the X session initialization ("~/.xsession" or "~/.xinitrc" files) with this
|
||||
command:
|
||||
|
||||
.EX
|
||||
eval $(gpg-agent --daemon --write-env-file "${HOME}/.gpg-agent-info")
|
||||
.EE
|
||||
|
||||
In the future it may become mandatory to run gpg-agent when using tomb.
|
||||
|
||||
.SH SHARE A TOMB
|
||||
A tomb key can be encrypted with more than one recipient. Therefore, a
|
||||
tomb can be shared between different users. The recipients are given
|
||||
|
Loading…
Reference in New Issue
Block a user