--passphrase and command line
Werner Koch
wk at gnupg.org
Wed Jan 14 17:09:09 CET 2015
On Wed, 14 Jan 2015 15:39, hymie at lactose.homelinux.net said:
> Can this feature be added to the "--passphrase" option of gpg? It's my
No!
The only reason to use --passphrase is for symmetric encryption and for
regression tests. For the former --passphrase-file and --passphrase-fd
is what you actually want to use.
If you do public key decryption/signing there is no need for a
passphrase - just do not set one for your key. It is useless and only
needed by check mark style security policies [1].
Shalom-Salam,
Werner
[1] Something like this ;-):
[ ] Machine case has no sharp edges
[ ] Admin knows how to power on the server
[ ] Admin knows how to escalate problems
[ ] Password has at least 8 characters and includes a digit
[ ] Password does not match user name
[ ] Certificate makes the address bar green
[ ] Some key size is at least 2048
[ ] Audit done by 600 EUR/h consultant
[ ] TüV badge has not expired
[ ] Passwords are used to protect all keys
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list