Using pipes paranoidly

Christian Enzmann christian.enzmann at
Wed Dec 17 13:37:00 CET 2003

Hi all,

I'm using gpg 1.2.3 with bash (Linux 2.4.21). What is wrong with the pipes, 
using gpg as a filter? I'm trying to decrypt, append or prepend a line 
without writing the lot to the disks and encrypt the whole stuff again.

Working fine:
$> (cat - && gpg --default-recipient-self -d enc_original) |  sed 
's/this/that/g' > new_file

Does not work:
$> cat - | gpg -a --default-recipient-self -es > new_file
This asks me for the phrase without typing before (cat ignored?) and for some 
reasons  seems to ignore ENTER(\n) on the 'Enter passphrase:' prompt. Then it 
says 'gpg: Invalid passphrase; please try again ...' though (except the CR) 
the phrase is correct.

$> gpg -a --default-recipient-self -es > new_file
is doing fine.

What's going on? In which way is the stream from 'cat -' different from stdin?
Finally, how can I securely (sic!) open and decrypt a file, add something and 
encrypt all back to a/this file without having the clear stuff on the disk?

Any hints appreciated

More information about the Gnupg-users mailing list