Newbie question - how to include the pass phrase in the command

Steve Butler sbutler@fchn.com
Fri Jun 6 03:44:03 2003


Not really.

They may be able to encrypt but they won't be able to sign without your pass
phrase (which if it is missing makes it wide open).

They can't decrypt without your pass phrase.  Even if they know your ID
(which is in the Public key).

-----Original Message-----
From: Ping Kam [mailto:pkam@quikcard.com]
Sent: Thursday, June 05, 2003 4:20 PM
To: gnupg-users@gnupg.org
Subject: Re: Newbie question - how to include the pass phrase in the
command


Thanks to all those helping me.  Now I get some idea about how GPG works.

But I am quite confused.  I always thought that it will require the userid
and password pair to encrypt and decrypt files.  It seems like GPG only
needs the userids.  So any one knows how to use GPG, knows your userid and
the recipient's userid, and have access to your computer can encrypt and
decrypt on your computer.  It seems to me that the userid is even more
important than the pass phrase.  Right?

Ping Kam



----- Original Message -----
From: "Steve Butler" <sbutler@fchn.com>
To: "'Ping Kam'" <pkam@quikcard.com>; <gnupg-users@gnupg.org>
Sent: Thursday, June 05, 2003 12:24 PM
Subject: RE: Newbie question - how to include the pass phrase in the command


>
>
> I'd change this from:
>
> echo %1|gpg  --encrypt --output %2.asc --armour --recipient
> our_own_userid --encrypt-to the_recipient_userid --passphrase-fd 0 %2
>
>
> To this <<all on one line>>:
>
> echo %1 | gpg --passphrase-fd 0 --armour --recipient %3 --encrypt-to
> <<our_own_userid>> --sign --output %2.asc --encrypt %2
>
>
>
> Then invoke it:
>
> my_gpg "my passphrase" my_file to_whom_it_concerns
>
> Of course, that's without a blank passphrase.
>
> If your passphrase is blank, then the following should work:
>
> gpg --armour --recipient %1 --encrypt-to
<<our_own_userid>> --sign --output
> %2.asc --encrypt %2
>
>
> Then invoke it:
>
> my_gpg  to_whom_it_concerns   my_file
>
>
>
> CONFIDENTIALITY NOTICE:  This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and privileged information.  Any unauthorized review, use,
disclosure or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all copies
of the original message.
>
>



_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


CONFIDENTIALITY NOTICE:  This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information.  Any unauthorized review, use, disclosure or distribution is prohibited.  If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.