Scripting and CGI use of GPG
Tue, 31 Aug 1999 12:02:21 -0700 (PDT)

OK, thanks to all the great suggestions and polite advice!  I managed to
get it partially working, but it wasn't very easy.  In the end, I used the
CPAN module for GPG mentioned by Frank (actually, it looks like he wrote
it! :'), but it had the same problems that I had in my own code. It worked
eventually, but I did have to modify the environment first:


As Alan suggested, the user which Apache was running under was indeed
'nobody' (as I expected).  I made a 'home directory' for this user to keep
things like GPG keys.  But, GPG still wasn't finding them.  Using the
"--homedir" parameter from within the script didn't work for some strange
reason (it worked from the command line...)!  I also noticed that it
wasn't mentioned on a 'gpg -h', so I thought it might have been
depricated or something?! 

In any event, using the environment setting above (and making sure
permissions were OK) fixed things.  But, I can not have the CGI
encrypt+sign successfully.  It automatically 'pops' back to interactive
mode prompting for the password for the secret key eventhough I supplied
it as CPAN specifies.  I know having the password in a script isn't very
secure, but it seems better than having the secret key w/o any password

Thanks again for the help, and hopefully I can get encrypt+sign working
after some more fudging.


Philip Edelbrock -- IS Manager -- Edge Design, Corvallis, OR --
 PGP F16: 01 D2 FD 01 B5 46 F4 F0  3A 8B 9D 7E 14 7F FB 7A