GnuPG In Perl Scrip
Mr.Bad
Mr.Bad
Wed May 16 01:03:02 2001
>>>>> "V" == VeoWeb <bens@veoweb.net> writes:
V> I have GnuPG installed on my RedHat server, and it works
V> great. However, I want to be able to encrypt/decrypt files via
V> a perl script. Each time I try, it always asks for a passphrase
V> (and the passphrase can't be left blank). Is there some way I
V> can send the passphrase with the command to GnuPG?
Why can't the passphrase be set blank?
Seriously, this is the right thing to do for server software. If you
put the passphrase in a file or script, you're only kidding yourself
-- you're LESS secure than with a blank passphrase.
Think of it this way: with a blank passphrase, you have to maintain
exclusive access to ONE file -- the secure keyring. If you put the
passphrase in a file or script, you have to maintain exclusive access
to at least TWO files -- the keyring AND the file or script with the
passphrase in it.
Put on a blank passphrase and SECURE YOUR SERVER. Anything else is
just giving yourself a false sense of security.
~Mr. Bad
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mr. Bad <mr.bad@pigdog.org> | Pigdog Journal | http://pigdog.org/
freenet:MSK@SSK@u1AntQcZ81Y4c2tJKd1M87cZvPoQAge/pigdog+journal//
"Statements like this give the impression that this article was
written by a madman in a drug induced rage" -- Ben Franklin
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~