GPG problem Urgent please
Jim Hendrick
jrhendri at maine.rr.com
Mon Dec 22 20:48:36 CET 2003
Hmmm.. Interesting (and common) thread.
Here's a couple thoughts.
1) If there is any budget, look at MoveIT and MoveIT-DMZ
http://www.stdnet.com/ They do a pretty good job of allowing legacy clients
to work and have a VB script interface for customization.
2) If you want to use GnuPG, there are a couple things to point out:
- The scripting works quite well with the Perl module GnuPG::Interface
- The insecurity of a decryption key on-disk can be somewhat reduced by
using two keys like this:
Create a "file transfer key" that will be used for the exchange, but give
it an automatic expiration date based on the type of data, etc.
Sign the "file transfer key" with a real admin's key that will never have
it's passphrase stored on disk.
This way if the transfer key gets corrupted, and you *know* about it, you
can create a new one, etc. etc. If it gets compromised and you *don't* know
about it right away, it will limit the amount of time it will be of any
value.
If someone tries to insert a "fake" key (including storing the passphrase
*they* know on disk, you will know it because it won't be signed by the
admin's key.
Not a perfect solution, but easily adjusted for various types of data ( you
should use a different "file transfer key" for each different "interface" or
site you exchange files with ).
Good luck!
Jim
-----Original Message-----
From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org]
On Behalf Of hozefa_bambora8 at non.agilent.com
Sent: Sunday, December 21, 2003 1:43 PM
To: gnupg-users at gnupg.org
Subject: GPG problem Urgent please
Hi
I am facing a problem with gpg. i want to decrypt a file and i want all the
decryption information to be incorporated in gpg command itself. i have this
requirement because i need to use it in shell script
if i give command
gpg --decrypt a.gpg It ask me for passpharase on command promt
but i want to use this command in the shell so i need to provide the
passphrase along with the command so i tried this
gpg --decrypt a.pgp --passphrase-fd 'my passpharase'
but this dont work
can anyone please help me out solving this
thanks
hozefa
_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
More information about the Gnupg-users
mailing list