Few questions

Werner Koch wk at isil.d.shuttle.de
Thu Jul 23 19:43:11 CEST 1998

lannert at uni-duesseldorf.de writes:

> > 	echo "Secret and geheime Passphrase" | pgp --passphrase-fd 0 ...
> This exposes the passphrase as well (as long as the echo process is

Ah yes, sure.  I wrote this to demonstrate that feature.  Most shells
have "echo" build in so it is not a different process and the
commandline history is another source of unsecurity ;-).  Mutt does it
correct by writing the password to a pipe - A better solution is a 
kind of password agent like the ssh-agent which can provide the
passphrase in a shared locked memory page.  I'll do this kind of stuff
to integrate gnupg with GnomePGP.


More information about the Gnupg-devel mailing list