Decide which pinentry we want to ship
We are currently shipping pinentry-gtk2
from Debian jessie.
There are multiple problems with it:
* It causes the GNOME shell menus to become unresponsive (#11038 (closed))
* It is not well integrated within GNOME (#9555 (closed))
* It doesn’t allow pasting which makes it hardly usable with KeePassX,
because it needs the autotype feature, which:
* is unintuitive to use (in contrast to the copy/paste method, which
every user knows how to use)
* is buggy (#10940 (closed))
* by default types the user name together with the passphrase, which
won’t unlock the PGP key and keeps the user confused about what
happened, because pinentry only displays dots instead of the characters
typed
* makes it much more likely to leak the password in general, as it
types enter automatically after it types the password, so it
automatically SENDS the password in IRC if you accidentally focussed the
client before you use the autotype feature (this is not true in the case
of the pinentry, because it grabs the keyboard - but I don’t think users
should have to use the autotype at all)
Related issues
- Related to #9555 (closed)
- Related to #11038 (closed)
- Related to #11239 (closed)
- Related to #12733 (closed)
Original created by @segfault on 11099 (Redmine)