sending interactive passwords
Adam M.
adamm at san.rr.com
Mon Jun 30 03:56:48 CEST 2008
I just discovered --command-fd. It's pretty poorly documented, but it
seems to do the trick. Excellent! Sorry for the "unnecessary" posts, but
I searched the archives and didn't find a solution.
Hopefully this will help the next person.
Adam M. wrote:
> Adam M. wrote:
>> It seems to me that it is impossible to send multiple passwords to GPG
>> without direct user interaction on a TTY...
>
> It's even worse with decryption, because I don't know beforehand which
> key's password to ask for, or whether a key will be used at all (the
> data might have been symmetrically encrypted).
>
> I suppose the thing to do is run GPG first, let it fail, try to figure
> out which password to ask for, and then run it again. But then I can't
> support arbitrary data streams (for instance network streams) because
> they can't necessarily be read, rewound, and read again. I could write
> them to a temp file on disk, but I prefer not to leave bits on the hard
> drive unnecessarily.
>
> I think it would really complete the GPG interface to have interactive
> password querying. It already issues NEED_PASSPHRASE* messages on the
> status-fd stream, so we just need a way to answer those prompts...
>
> Am I missing some obvious downside? Should I code this and send a patch?
> Is this something that the developers don't want in GPG?
>
> Thanks,
> -- Adam
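
The flow the post arrives at, as an added example that is not part of the original message or GnuPG's own code: read `--status-fd`, and when a `NEED_PASSPHRASE*` line is followed by `GET_HIDDEN passphrase.enter`, write the passphrase to `--command-fd`. The `answer_prompts` function, the `ask` callback and the sample status lines are assumptions constructed for illustration, following the status-line format in GnuPG's doc/DETAILS.

```python
import io

PREFIX = "[GNUPG:] "

# Constructed status-fd lines (format per GnuPG's doc/DETAILS); key IDs are made up.
SAMPLE_STATUS = """\
[GNUPG:] USERID_HINT AABBCCDDEEFF0011 Test User <test@example.org>
[GNUPG:] NEED_PASSPHRASE AABBCCDDEEFF0011 1122334455667788 1 0
[GNUPG:] GET_HIDDEN passphrase.enter
[GNUPG:] GOT_IT
[GNUPG:] GOOD_PASSPHRASE
""".splitlines()

def answer_prompts(status_lines, command_out, ask):
    """Answer gpg passphrase prompts seen on --status-fd via --command-fd.

    ask(kind, key_id, hint) is a hypothetical callback returning the
    passphrase (e.g. by prompting the user); kind is "key" or "symmetric".
    Returns the list of (kind, key_id) prompts that were answered.
    """
    pending, hints, answered = None, {}, []
    for raw in status_lines:
        line = raw.rstrip("\r\n")
        if not line.startswith(PREFIX):
            continue                       # not a status line
        keyword, _, rest = line[len(PREFIX):].partition(" ")
        args = rest.split()
        if keyword == "USERID_HINT" and args:
            hints[args[0]] = rest.partition(" ")[2]
        elif keyword == "NEED_PASSPHRASE" and len(args) >= 2:
            # args: main key id, id of the key to unlock, algorithm, length
            pending = ("key", args[1], hints.get(args[0]))
        elif keyword == "NEED_PASSPHRASE_SYM":
            pending = ("symmetric", None, None)
        elif keyword == "GET_HIDDEN" and args == ["passphrase.enter"]:
            if pending is None:
                raise RuntimeError("prompt without a NEED_PASSPHRASE* line")
            secret = ask(*pending)
            if "\n" in secret or "\r" in secret:
                raise ValueError("passphrase must be a single line")
            command_out.write(secret + "\n")   # one line per prompt
            command_out.flush()
            answered.append(pending[:2])
            pending = None
    return answered

def demo():
    fake_command_fd = io.StringIO()        # stands in for the pipe to gpg
    prompts = answer_prompts(SAMPLE_STATUS, fake_command_fd, lambda *_: "constructed-secret")
    return prompts, fake_command_fd.getvalue()
```

In real use `status_lines` is the read end of the status pipe and `command_out` the write end of the command pipe, so the passphrase is requested only when gpg asks for it and the input stream is consumed once, with no temp file.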
More information about the Gnupg-devel mailing list