If the passphrase is passed in as a parameter to the script, the
passphrase will be clearly visible in the process list (on Unix/
Linux) (via the "ps" command).
To be honest, there is really no way to properly secure a passphrase
for an automated system if the passphrase exists anywhere on t
Thank you guys. Both the "cat pipe" way and the "<" way work well.
David, yes you made a very good point of not hard-coding the
passphrase or its file name. In my current script, I have a variable
to hold the passphrase file name. The actual file name is passed in
as a parameter when I call the
David Shaw wrote:
> Again, though, if you're going to actually code the passphrase into
> the script itself, why have a passphrase at all?
On this subject, you should also know that, if you can enter your
passphrase on the system once each time the system starts up, you may
find a combination of g
The 0 in "--passphrase-fd 0" is the number of the file descriptor
from which gpg will read the passphrase. In this case, 0, is stdin.
Since you didn't attach stdin to a pipe or a file through
redirection, stdin is still attached to your terminal. You aren't
being "prompted" for your passphr
Thanks, David. I still have a question though:
In my script, I used the command
"gpg --batch --passphrase-fd 0 -d [INPUTFILE]"
to decrypt my "INPUTFILE". When I run the script, it pauses and wait
for the passphrase. If I enter the passphrase, the script goes
through well. If I hit enter withou
On Tue, Apr 17, 2007 at 10:27:35AM -0500, jane grove wrote:
> Thanks, David. I still have a question though:
>
> In my script, I used the command
> "gpg --batch --passphrase-fd 0 -d [INPUTFILE]"
> to decrypt my "INPUTFILE". When I run the script, it pauses and wait
> for the passphrase. If I en
On Sat, Apr 14, 2007 at 10:23:24PM -0500, jane grove wrote:
> Hello,
> I am trying to use the GnuPG command "decrypt" in batch mode (i.e. in a
> script).
> When I use the option "--batch", I don't have a way to enter the user
> id or passphrase.
Look at the --passphrase-fd, --passphrase-file, or
Hello,
I am trying to use the GnuPG command "decrypt" in batch mode (i.e. in a script).
When I use the option "--batch", I don't have a way to enter the user
id or passphrase.
In batch mode, the gpg command cannot be interactive.
I tried "gpg --batch --decrypt filename userid", but it didn't work.
