Passphrase as parameter in the command line

Steve Butler
Fri Jan 4 18:21:01 2002

NOTE:  My "default" program hands back data strings based on the host name
from which it is running.  
       gpg_home returns the path to where the key rings are located.
       gpg_pass$1 returns the pass phrase identified by $1 (1st parameter on
command line)
       The 2nd and 3rd parameters on the command line are the input and
output file names (including paths)

script name: gpg_decrypt

homedir=$(default gpg_home)

rm -f $3 2>&1 1> /dev/null
default gpg_pass$1 \
  | gpg --homedir $homedir --passphrase-fd 0 --no-tty \
        --output $3 --decrypt $2
# end of script

Since we have two public keys (a 1024 bit one and a 2048 bit one -- we are
phasing out the 1024 bit key) we identify the pass phrases differently.  You
might prefer to have a single pass phrase and simply echo "my pass phrase"
and pipe that to gpg and use --passphrase-fd 0 

Note that our options file has these additional entries that might be
appropriate for your environment:
compress-algo 1

Usage:  gpg_decrypt 2 input_file output_file

And, no, the passphrases are not in clear text.  However, a hacker could
quickly break my simple obfuscation.  But it keeps the company non-hackers
from casually gazing on them.  My personal pass phrase is not on the box.

--Steve Butler
Oracle DBA
First Choice Health Network

(And I apologize for the forced commentary the corporate email server will
apply once this message leaves my box).

-----Original Message-----
From: ritter, horst (EDS CH) []
Sent: Friday, January 04, 2002 8:38 AM
To: ''
Subject: Passphrase as parameter in the command line

Dear Linux community,

I have been looking for weeks for a solution to the following problem.

How can I give gpg the passphrase as parameter in the commandline to decrypt
files, instead to type it in after GPG's request? 
I need this to automaticaly process a lot of files under UNIX, managed by
self written program.

I would be greatful for any hints, or any ideas, which may lead to a

Should you have any questions, or require further information, please do not
hesitate to contact me. 

Best regards,

Horst Ritter

Gnupg-users mailing list

CONFIDENTIALITY NOTICE:  This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information.  Any unauthorized review, use, disclosure or distribution is prohibited.  If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.