GPG Passphrase on the command line

Werner Koch wk at gnupg.org
Mon Sep 26 11:49:20 CEST 2005


On Sun, 25 Sep 2005 00:43:44 +0200 (MET DST), Johan Wevers said:

> echo password | gpg --passphrase-fd 0 --decrypt / --encrypt.

> For some reasons I don't completely understand the GnuPG developers feel
> this is less insecure than a normal commandline (you're certainly not the
> first to ask this...).

On a multi-user machine it is trivial to see the command line and even
the environment of all users without the need of root privileges.
Further the passphrase will be visible in the command line edit
history.





More information about the Gnupg-users mailing list