Question about passphrase-fd

David Shaw dshaw at jabberwocky.com
Fri Mar 12 23:24:03 CET 2010


On Mar 12, 2010, at 5:27 AM, Matt Burkhardt wrote:

> On Thu, 2010-03-11 at 21:36 -0500, David Shaw wrote:
>> > Long story short, I use amanda for my backups and I've been using encryptsimple for my backups.  My PC died completely, and I'm trying to get the backups onto another machine.  I've stepped through the programs and have found that it's calling gpg with 
>> > 
>> > gpg --batch --quiet --no-mdc-warning --decrypt --passphrase-fd 3  3</var/lib/amanda/.am_passphrase
>> > 
>> > I was under the impression that the passphrase (.am_passphrase) was just a clear text secret phrase.  However, the gpg call errors out with:
>> > 
>> > gpg: decryption failed: bad key
>> 
>> The "bad key" error doesn't mean the passphrase is wrong (that would be "invalid passphrase").  It often means that the file you are decrypting is corrupt.  Was the file you are decrypting encrypted with a passphrase only or with a public key? 
> 
> Here's the code that calls gpg for the encryption:
> 
> gpg --batch --no-secmem-warning --disable-mdc --symmetric --cipher-algo AES256 --passphrase-fd 3  3</var/lib/amanda/.am_passphrase
> 
> 
> According to the man pages, it says not to use the --cipher-algo but doesn't mention if that's needed in order to decrypt the files.  Would that have to happen?

No.  You need to specify it for encryption, but on decryption (except in certain special cases, and this is not one of them) GPG can see what cipher was used directly from the encrypted file and handle it automatically.

David
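An added example, not part of the original message: the sketch below reads the cipher identifier out of the symmetric-key ESK packet at the start of a `--symmetric` output file, which is where the cipher is recorded and why `--cipher-algo` is not needed on decryption. It also reports whether the data packet that follows carries an MDC, which `--disable-mdc` turns off. The function names and the sample bytes are constructed for illustration (the bodies are placeholders, not real ciphertext); the algorithm numbers are those of RFC 4880.

```python
# Added illustration: parse the leading packets of an OpenPGP symmetric message.
# Cipher ids from RFC 4880 section 9.2 (subset).
CIPHERS = {2: "3DES", 3: "CAST5", 7: "AES128", 8: "AES192", 9: "AES256"}

def read_header(buf, pos):
    """Return (tag, body_start, body_len); body_len is None if not definite."""
    first = buf[pos]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet (binary input expected)")
    if first & 0x40:                                  # new-format header
        tag, l0 = first & 0x3F, buf[pos + 1]
        if l0 < 192:
            return tag, pos + 2, l0
        if l0 < 224:
            return tag, pos + 3, ((l0 - 192) << 8) + buf[pos + 2] + 192
        if l0 == 255:
            return tag, pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        return tag, pos + 2, None                     # partial body length
    tag, ltype = (first >> 2) & 0x0F, first & 0x03    # old-format header
    if ltype == 3:
        return tag, pos + 1, None                     # indeterminate length
    n = 1 << ltype                                    # 1, 2 or 4 length octets
    return tag, pos + 1 + n, int.from_bytes(buf[pos + 1:pos + 1 + n], "big")

def describe(buf):
    """Report cipher, S2K type and MDC use for a passphrase-encrypted message."""
    tag, start, length = read_header(buf, 0)
    if tag != 3 or length is None:
        raise ValueError("does not start with a symmetric-key ESK packet")
    version, algo, s2k_type = buf[start], buf[start + 1], buf[start + 2]
    if version != 4:
        raise ValueError(f"unsupported SKESK version {version}")
    data_tag = read_header(buf, start + length)[0]
    if data_tag not in (9, 18):
        raise ValueError(f"unexpected packet tag {data_tag} after SKESK")
    # Tag 18 is the integrity-protected (MDC) data packet, tag 9 the plain one.
    return {"cipher": CIPHERS.get(algo, f"unknown({algo})"),
            "s2k_type": s2k_type, "mdc": data_tag == 18}

# Constructed samples: SKESK v4, cipher 9, iterated+salted S2K with SHA-1,
# an 8-byte salt and a count octet, followed by a placeholder data packet.
SKESK = bytes.fromhex("8c0d04090302" "0011223344556677" "60")
SAMPLE_NO_MDC = SKESK + bytes.fromhex("a404deadbeef")    # tag 9, as --disable-mdc
SAMPLE_MDC = SKESK + bytes.fromhex("d20501deadbeef")     # tag 18, with MDC

if __name__ == "__main__":
    print(describe(SAMPLE_NO_MDC))
    print(describe(SAMPLE_MDC))
```

To inspect a real backup, pass the first few dozen bytes of the file to `describe()`; ASCII-armored input has to be dearmored first.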


More information about the Gnupg-users mailing list