Batch Mode and decrypt

Peter S. May me at psmay.com
Tue Apr 17 22:38:09 CEST 2007


David Shaw wrote:
> Again, though, if you're going to actually code the passphrase into
> the script itself, why have a passphrase at all?

On this subject, you should also know that, if you can enter your
passphrase on the system once each time the system starts up, you may
find a combination of gpg-agent (from gnupg-2) and keychain (a
Gentoo-originated script, http://www.gentoo.org/proj/en/keychain/ , that
auto-instantiates and auto-reuses ssh-agent and/or gpg-agent) to be
useful.  It's slightly more secure than writing your passphrase to your
hard drive, and the measures required to get at your key are slightly
more drastic.

(Incidentally, this is probably not the forum to ask for help about
keychain. :-)

Good fortune
PSM

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20070417/dfe2c5b3/attachment-0001.pgp 


More information about the Gnupg-users mailing list