GPG problem Urgent please

Jim Hendrick jrhendri at maine.rr.com
Mon Dec 22 20:48:36 CET 2003


Hmmm.. Interesting (and common) thread.

Here's a couple thoughts.

1) If there is any budget, look at MoveIT and MoveIT-DMZ
http://www.stdnet.com/ They do a pretty good job of allowing legacy clients
to work and have a VB script interface for customization.

2) If you want to use GnuPG, there are a couple things to point out:
  - The scripting works quite well with the Perl module GnuPG::Interface
  - The insecurity of a decryption key on-disk can be somewhat reduced by
using two keys like this:
  Create a "file transfer key" that will be used for the exchange, but give
it an automatic expiration date based on the type of data, etc. 
  Sign the "file transfer key" with a real admin's key that will never have
it's passphrase stored on disk.

  This way if the transfer key gets corrupted, and you *know* about it, you
can create a new one, etc. etc. If it gets compromised and you *don't* know
about it right away, it will limit the amount of time it will be of any
value.

  If someone tries to insert a "fake" key (including storing the passphrase
*they* know on disk, you will know it because it won't be signed by the
admin's key.


Not a perfect solution, but easily adjusted for various types of data ( you
should use a different "file transfer key" for each different "interface" or
site you exchange files with ).

Good luck!

Jim



-----Original Message-----
From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org]
On Behalf Of hozefa_bambora8 at non.agilent.com
Sent: Sunday, December 21, 2003 1:43 PM
To: gnupg-users at gnupg.org
Subject: GPG problem Urgent please


Hi

I am facing a problem with gpg. i want to decrypt a file and i want all the
decryption information to be incorporated in gpg command itself. i have this
requirement because i need to use it in shell script

if i give command
gpg --decrypt a.gpg     It ask me for passpharase on command promt

but i want to use this command in the shell so i need to provide the
passphrase along with the command so i tried this

gpg --decrypt a.pgp  --passphrase-fd 'my passpharase'


but this dont work 
can anyone please help me out solving this


thanks
hozefa

_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users





More information about the Gnupg-users mailing list