cannot pass in input and passphrase at the same time in batch mode?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Jun 23 06:13:00 CEST 2009


On 06/18/2009 08:41 PM, Harry wrote:
> $echo abcd | gpg -u bob@xyz.com --output message.pgp -r alice@123.com -se --passphrase-fd 0 << EOF
> 123456
> <EOF

It seems to me like you're expecting standard input (file descriptor 0)
to serve two purposes here:

 a) to feed the cleartext to gpg

 b) to feed the passphrase to gpg

what's not clear to me is how you expect gpg to distinguish between the
two.  In your example above, assuming abcd is the cleartext and 123456
is the passphrase, why not put them in the opposite places?  It seems
fundamentally ambiguous to me, which is probably why gpg isn't dealing
with it how you want.

Instead, you could use separate file descriptors for the two distinct
pieces of data:

 echo abcd | \
 gpg --output foo -r a@example.com -se --passphrase-fd 3 3<<EOF
 123456
 EOF

this continues to use file descriptor 0 (stdin) for the cleartext, but
uses file descriptor 3 (which would normally be unused) to send the
passphrase to gpg, and relies on bash's versatile redirection operators
to provide data for FD 3.  other shells may not be so versatile, though :/

Alternatively, you might be interested in getting gpg-agent up and
running, which could provide you with another technique to do the sort
of unattended operation you're describing (at least for a limited period
of time).

hth,

	--dkg
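
What the two command lines above do to the file descriptors, as an added example that is not part of the original message: `consume` is a hypothetical stand-in for a program run with `--passphrase-fd N`, so the script runs without gpg or keys. It goes one step beyond the message by also feeding fd 3 from an owner-only file; every value in it is constructed.

```sh
#!/bin/sh
# consume FD: hypothetical stand-in for "prog --passphrase-fd FD".
# Reads one line from descriptor FD as the secret, then treats whatever
# is left on stdin (fd 0) as the message.
consume() (
    IFS= read -r secret <&"$1"
    message=$(cat)
    printf 'secret=[%s] message=[%s]\n' "$secret" "$message"
)

# Pipe and here-document both aimed at fd 0. The redirection is applied
# after the pipe is connected, so the here-document replaces the pipe:
# "abcd" never arrives and the message comes out empty.
shared_fd0() {
    echo abcd | consume 0 <<EOF
123456
EOF
}

# The layout from the reply: the pipe keeps fd 0, the secret rides on fd 3.
separate_fd3() {
    echo abcd | consume 3 3<<EOF
123456
EOF
}

# Beyond the message: the secret lives in a file created under umask 077
# (owner-only) and is attached to fd 3 with a plain '<' redirection.
separate_fd3_from_file() (
    umask 077
    f=$(mktemp) || exit 1
    printf '%s\n' 123456 > "$f"      # constructed sample secret
    echo abcd | consume 3 3<"$f"
    rm -f "$f"
)

shared_fd0                 # secret=[123456] message=[]
separate_fd3               # secret=[123456] message=[abcd]
separate_fd3_from_file     # secret=[123456] message=[abcd]
```

In all three cases the secret stays out of the argument list. With GnuPG 2.1 and later, `--passphrase-fd` is only honoured together with `--batch` and `--pinentry-mode loopback`.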
