GPG decryption within shell scripts. - another option?
Wed Jul 30 14:45:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
James R. Hendrick wrote:
| I agree that giving key passphrases to an automated process puts the
| burden of security elsewhere (like within the security of the system
| where the passphrase is stored for example).
| I disagree that it removes whatever security the passphrase gives.
by definition, automating the passpharase is the equivalent of removing
the passpharase. Its there in the script in plain text. if anyone can
access the key itself, then they can just as equally access the script.
~ So lets say the passpharase does not provide added security above the
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiastes 9:16
GnuPG Key Fingerprint:
82A6 8893 C2A1 F64E A9AD 19AE 55B2 4CD7 80D2 0A2D
GNU Privacy Guard http://www.gnupg.org
Free interface to Freechess.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----