On 16/05/17 13:31, Dan Kegel wrote: > That wasn't my experience. I used keys with no passphrase, > and *still* had to use loopback (and jump through other hoops) to get > gpg to work unattended.
I was talking about the things one usually does on a headless server, which is decryption and data signatures. I'm unaware of this having any issues, and I don't see you mention them in your referenced posts either. I haven't ever heard unattended certifications being discussed, I don't know if it is straightforward. With regards to key management, this is often something a logged in human user does and can hence do without having to wrestle unattended stuff. I understand this doesn't always apply, but the OP here was talking about decryption, not key management. That should be straightforward. When I say, by the way, that having no passphrase is better than using a passphrase which is literally contained in a script, I'm saying that it is usually better, not that it is always appropriate. It might be appropriate to solve it in a different way, but a passphrase literally in a script is probably not it. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
