Few questions
lannert at uni-duesseldorf.de
lannert at uni-duesseldorf.de
Thu Jul 23 18:51:20 CEST 1998
"Werner Koch" wrote:
> > 2) A passphrase argument
> > It would be nice, if the passphrase can be passed to gpg as a commandline
> > argument in batchmode (like pgps ... -z <passphrase>).
> > I did not found the possibility yet. It would be easier then to integrate gpg
> > into a mailer like exmh.
>
> NO! Try this:
>
> ps -aw
>
> and everyone can see the passphrase.
>
> I suggest you do this:
>
> echo "Secret and geheime Passphrase" | pgp --passphrase-fd 0 ...
This exposes the passphrase as well (as long as the echo process is
running), I'm afraid. Better put the passphrase into a sufficiently
well-protected(*) file and 'cat filename | gpg --passphrase-fd 0 ...'.
(*) whatever that means ... you won't protect anything against root;
command arguments, however, are visible to anybody who's logged in.
Detlef
More information about the Gnupg-devel
mailing list