Hi all, I'm wondering if anyone uses gpg piping data to it (on a *nix system) while also providing a passphrase-fd? Might be more of a bash / shell question that GPG itself...
Example: I want to create an encrypted archive. I don't want to write the passphrase to the local fs and don't want it to be visible in the process list. To create an archive, and then encrypt it using a variable in 2 steps: tar zxf dir.tgz dir echo $PASSPHRASE | gpg -c --passphrase-fd 0 -o dir.tgz.gpg dir.tgz This way, the passphrase is never written to the fs and does not show up in the process list - it is only in-memory. Is it possible to do this in a single step using a different FD some how? I can do it with a redirect from a file.... tar zcf - /path/to/stuff | gpg -c --passphrase-fd 0 -o dir.tgz.gpg 1<> passphrase-file But how can it be done from a variable? tar zcf - /path/to/stuff | gpg -c --passphrase-fd 0 -o dir.tgz.gpg 1<>$(echo $passphrase-var) The last command doesn't work, but sort of indicates what I'm trying to do. (I've read the previous threads discussing "why even bother encrypting if you don't trust the system" and other "why" questions. There may be flaws in this approach too, this is purely for "because I want to know how to do it this way" sort of question). Thanks, Brett
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
