GPG decryption within shell scripts. - another option?
CL Gilbert
Lamont_Gilbert@RigidSoftware.com
Wed Jul 30 14:45:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
James R. Hendrick wrote:
| I agree that giving key passphrases to an automated process puts the
| burden of security elsewhere (like within the security of the system
| where the passphrase is stored for example).
|
| I disagree that it removes whatever security the passphrase gives.
|
by definition, automating the passpharase is the equivalent of removing
the passpharase. Its there in the script in plain text. if anyone can
access the key itself, then they can just as equally access the script.
~ So lets say the passpharase does not provide added security above the
key itself.
- --
Thank you,
CL Gilbert
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiastes 9:16
GnuPG Key Fingerprint:
82A6 8893 C2A1 F64E A9AD 19AE 55B2 4CD7 80D2 0A2D
GNU Privacy Guard http://www.gnupg.org
Free interface to Freechess.org
http://www.rigidsoftware.com/Chess/chess.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/J74aVbJM14DSCi0RAkbTAJ0cXcqetlUs+5lKlMNdynhLJx4lsQCeL6to
+QXsFsOZ4K4jCmKTC75NGBA=
=Qzxi
-----END PGP SIGNATURE-----