batch decryption key Identification

John A. Wallace jw72253 at
Wed Nov 2 04:26:31 CET 2011

> Message: 7
> Date: Mon, 31 Oct 2011 21:20:24 -0500
> From: "John A. Wallace" <jw72253 at>
> To: <gnupg-users at>
> Subject: batch decryption key identification
> Message-ID: <000001cc983c$d0fccd30$72f66790$@net>
> Content-Type: text/plain; charset=us-ascii
> Hello.  On this website
> to-encrypt-a-message) I found this FAQ and answer:
> Question:  How can I get list of key IDs used to encrypt a message?
> $ gpg --batch --decrypt --list-only --status-fd 1 2>/dev/null | \
>   awk '/^\[GNUPG:\] ENC_TO / { print $3 }'
> As it relates in part to my original question below, I want to ask about
> this in more detail. Knowing which particular key was used for encryption
> would allow me to pinpoint which of the several keys on a key-ring to use
> for decryption and would help save much time and effort in the process
> looking at a batch of messages.  
> I am not a programmer, but I can see that the above command uses the
> 'awk' to identify the key used; and I understand that the Gnu program
> has equivalent functionality. I have two questions about it.  First, using
> the above command, whereabouts should I put the "path/filenames.asc" in it
> for the command to analyze for decryption, and should I put any other
> unlisted parameters in the command for it to complete?  I tried testing it
> like this: 
> gpg --batch --decrypt <filename.asc> --list-only --status-fd 1
> But I saw nothing output on the screen related to the key used on the

I found, after fiddling with this a bit and looking at some documentation
online, that the problem is with the posted answer to the FAQ.  For the
above command to work as intended, it needs to have the part "--decrypt
<filename.asc>" moved to the end of the line.  The Options are supposed to
precede the Commands.  Once moved to the end, the command's output does in
fact show me the information about which key it was encrypted to, assuming
that I have the key on my key-ring and that it was not a hidden recipient.


> Secondly, are the 'gawk' program commands equivalent to the above listed
> commands, or will I need to alter it in some way?  Thanks.
> John

More information about the Gnupg-users mailing list