Need help doing gpg encryption without prompting for passphrase

John Clizbe John at Mozilla-Enigmail.org
Tue Sep 28 00:25:22 CEST 2010


BradBlake wrote:
> I could REALLY use some assistance – I need to encrypt a file with gpg (my
> Linux server is on version 1.2.6), I need to encrypt it with the public key
> from our client, and sign it with our private PGP key. I’ve got this all
> working (I imported their public key, and sent them our key), so I can run a
> command like this from the command line to encrypt the file:
> 
> gpg --armor --output encrypted_file.gpg --recipient "pgpadmin at ourclient.com"
> --local-user "myusername at mycompany.com" --sign --encrypt file_to_encrypt.txt
> 
> This works fine (and our client is able to decrypt), but it is prompting for
> my passphrase each time.  We want to set this up to run as an automated
> process via a script, without prompting for a passphrase.  So I was trying
> to follow the instructions found here:  http://www.gnupg.org/faq.html#q4.14
> 
<snip>

echo passphrase | gpg --armor --output encrypted_file.gpg 		\
	--recipient "pgpadmin at ourclient.com" --local-user 		\
 	"myusername at mycompany.com" --sign --encrypt file_to_encrypt.txt
/should/ work

You may want to look at using --passphrase-file <passFile> or
--passphrase-fd (see man page).

These problems go away by removing the passphrase from the key. Removing the
passphrase also removes the charade that things are all that secure when the
passphrase is in a file readable by anyone with enough access. ;-)


-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
FSF Assoc #995 / FSFE Fellow #1797  hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 483 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100927/f7b1f609/attachment.pgp>


More information about the Gnupg-users mailing list