cannot pass in input and passphrase at the same time in batch mode?
dshaw at jabberwocky.com
Tue Jun 23 06:34:38 CEST 2009
On Jun 18, 2009, at 8:41 PM, Harry wrote:
> Hello guys,
> I ran into a problem when using gpg to sign and encrypt. I have a
> test run below (in bash):
> $echo abcd | gpg -u bob at xyz.com --output message.pgp -r
> alice at 123.com -se --passphrase-fd 0 << EOF
> There is no error but after decrypt message.pgp, the file content is
> empty. In above run, "abcd" is the input plain text to be encrypted,
> 123456 is the passphrase for bob at xyz.com's private key that is used
> for signing the file.
> My requirements are "abcd" can not be saved in a file, it has to be
> sent to gpg as stdin. So is the passphrase, it can not be saved in a
> file too.
> It looks like when input and passphrase are all passed in as stdin,
> gpg only takes passphrase and consider input text as empty, which
> result into an empty encrypt file.
> Is there anyway to solve this?
Assuming you're using bash as your shell, you want something like this
(but see below about --passphrase):
$echo abcd | gpg -u bob at xyz.com --output message.pgp -r alice at 123.com
--passphrase-fd 7 -se 7<<EOF
> I tried
> $echo abcd | gpg -u bob at xyz.com --batch --output message.pgp -r alice at 123.com
> -se --passphrase "123456"
> but gpg gave error like:
> gpg: skipped `bob at xyz.com': bad passphrase
> gpg: [stdin]: sign+encrypt failed: bad passphrase
Move --passphrase earlier in the command line (before the -se).
I thought you said you couldn't save the passphrase in a file, though
- isn't putting it on the command line effectively the same thing?
More information about the Gnupg-users