-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gerhard Siegesmund wrote: > Hello List > > I don't know, whether this is a dump thing to do, but I had the > following idea, which I unfortunately didn't get to work. > > I am working on linux (debian) with gpg (GnuPG) 1.4.0. > > Say, I have a encrypted file somewhere on a server on the net. > Naturally I don't have my private key on that "unsave" server. I want > to use the output of the encrypted file in a pipe to do something with > it. > > I don't like the idea to send the encrypted file back to my home-server > to decrypt it there and then send back the decrypted file to the > work-server. Also this would work, I would have to remember to remove > the decrypted file after the action. > > My idea was to do something like the following: > > cat encrypted_file.gpg | ssh [EMAIL PROTECTED] gpg --decrypt | do_something.sh > > I don't want to do this automatically! Interactivly is great, as this > secures my private key with two passwords. The ssh-password and the > gpg-passphrase. > > Unfortunatly this doesn't work. > > The obvious fix seems to be > > cat encrypted_file.gpg | ssh -tt [EMAIL PROTECTED] gpg --decrypt | > do_something.sh > > which doesn't work either. > > So. Does this way sound correctly in your ears? How about security > (apart from the point, that my homeserver is available from the net, > which I know lowers my security a lot. I hope, my password is good > enough.)? Is this at all possible? > > My main-point is to hold the private key on one server and not copy it > all over the internet.
Dunno about the piping. Have you considered copying the encrypted file with scp, the opening a ssh sheel to decrypt & run? - -- John P. Clizbe Inet: JPClizbe(a)comcast DOT nyet Golden Bear Networks PGP/GPG KeyID: 0x608D2A10 "Be who you are and say what you feel because those who mind don't matter and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) Comment: When cryptography is outlawed, b25seSBvdXRsYXdzIHdpbGwgdXNlIG Comment: Be part of the £33t ECHELON -- Use Strong Encryption. Comment: It's YOUR right - for the time being. Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFCPU5BHQSsSmCNKhARAvWwAJ4s9CSt5za//B5K1/Lub+2zb0LloACguTY/ s+17+W9qXwXGxRYSXazQFQk= =OFTm -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
