GPG Passphrase on the command line

nidhog nidhog at
Mon Sep 26 15:36:37 CEST 2005

On 9/26/05, Werner Koch <wk at> wrote:
> On Sun, 25 Sep 2005 00:43:44 +0200 (MET DST), Johan Wevers said:
> > echo password | gpg --passphrase-fd 0 --decrypt / --encrypt.
> > For some reasons I don't completely understand the GnuPG developers feel
> > this is less insecure than a normal commandline (you're certainly not the
> > first to ask this...).
> On a multi-user machine it is trivial to see the command line and even
> the environment of all users without the need of root privileges.
> Further the passphrase will be visible in the command line edit
> history.

it will show on ps and on your .bash_history and on casual
shoulder-surfing -- that's why it's insecure.

plus it's not good security practice typing in your passphrase in the
open, readable form. it's just as if you handed the world your secring
and your key.

on the subject of piping, you might try to get a win32 port of unix's
echo command (echo.exe). win32's echo command sometimes have that ugly
\n attached and will mess up your passphrase. with unix's echo, you
can do an echo -n.


More information about the Gnupg-users mailing list