Another idea (was Re: Password on command line?)
Tue Aug 6 04:34:02 2002
It just occurred to me that, since you want to put this on a script, the
'echo "password" | gpg ...' option would be bad. Your password would be
in plain text in a file.
Here's an improvement on that idea.
1) Make your script accept your password as a command-line argument.
Then, on your script you'd have:
echo "$1" | gpg --passphrase-fd 0
You could then call your script with:
yourscript.sh "my secret passphrase"
If you use "quotes" you won't have trouble with special characters and
2) If you still don't want your passphrase to show up on your screen, you
can add this additional Perl program:
ReadMode('noecho'); # Turn off output to the screen.
print "Please enter your passphrase: ";
chomp( my $password = ReadLine(0) );
I hope that this helps.
On Sun, 4 Aug 2002, Frank Hrebabetzky wrote:
> Hi there,
> I work occationally on some text files ciphered symmetrically, which
> involves the following steps:
> gpg -decrypt <file> > <file>.txt # get clear text
> pico <file>.txt # edit it
> gpg -co <file> <file>.txt # cipher symmetric.
> wipe <file>.txt # erase clear text
> So I wrote a script for that, but I have to type in 3 times the same
> passphrase: for deciphering, ciphering and confirmation.
> Passing the passphrase as command line parameter would solve the problem,
> because the script could read it and pass it to gpg, but according to the
> man pages such a gpg option doesn't exist. The option --passphrase-fd gave
> me some hope first, because I thought I could write the passphrase in a
> file first and wipe it out at the end, but my linux book only told me
> about the standard file descriptors 0, 1 and 2, which don't help me.
> Any suggestion?
> Frank Hrebabetzky Tel.: +55 / 48 / 9998 7686
> Florianopolis email: email@example.com
> Gnupg-users mailing list