Cannot Decryption via UNIX shell script
Felipe Alvarez
webmaster at felipe1982.com
Sat May 9 07:54:33 CEST 2009
On Wed, 6 May 2009 20:11:27 Bob Yang wrote:
> Hi All,
>
> I hit error when using the below script.
>
> gpg -e "key" "file" <<EOF
> yes
> EOF
>
> Error:
> It is NOT certain that the key belongs to the person named
> in the user ID. If you *really* know what you are doing,
> you may answer the next question with yes
>
> Use this key anyway?
>
> Does anyone come across this before?
>
> Thanks,
> Bob
You must sign that recipient's public key with your private key. Do this
only after verifying that the public key does indeed belong to the
intended recipeint. For example, don't blindly sign a key that says
bill.gates at microsoft.com is you are not sure that the key belongs to
Bill Gates. It may belong to "me" and I will have the private key to
decrypt any messages that you send (of course, I do not have an
email address at domain microsoft.com). Also, if you choose "file" (as
you have in your script) there is no need to provide standard input (as
you wrote <<EOF yes EOF because your input is "file". You can
specify "yes" as your input, and use the -o option to select your output
file:
---code---
gpg -o file-to-send.gpg -r bill.gates at microsoft.com -e <<EOF
please reboot your machine
EOF
---end-code---
Felipe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 258 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20090509/1c9906ce/attachment.pgp>
More information about the Gnupg-users
mailing list