gnupg to encrypt files in a batch processes

Helmut Waitzmann
Wed Mar 20 14:51:01 2002

Armin Sch=F6ch <> writes:

>> Is the solution to use the --passphrase-fd option??  Where can I find
>> documentation on this?
>> gpg -s -e -o - --batch --yes --passphrase-fd n -r
>> /usr/local/BatchMail/mailbox/TestFileMsg
>This would be your command
>echo PASSPHRASE | gpg -s -e -o - --batch --yes --passphrase-fd 0 -r
> /usr/local/BatchMail/mailbox/TestFileMsg

That's unsecure:  If "echo" is an external program, then
everybody having shell access to the machine can spy out the
PASSPHRASE using the "ps" program.

I recommend to do it like this:

put the PASSPHRASE into a file, for example
/usr/local/BatchMail/passphrase, and then use the command

gpg -s -e -o - --batch --yes --passphrase-fd 0 -r /us=
r/local/BatchMail/mailbox/TestFileMsg < /usr/local/BatchMail/passphrase