sign and encrypt from batch script

Simon Josefsson simon at josefsson.org
Wed Mar 28 20:19:16 CEST 2012


"Roberts, David M [ITSYS]" <dmrober at iastate.edu> writes:

> I've got a batch script that signs and encrypts files using GnuPG1.2.6
> running on a RHEL4 system.  We are upgrading the system to RHEL6 which
> comes with Gnupg2.0.14 and the scripts no longer run correctly.
>
> gpg -u "signing-key" -r "receiving_pub-key" -sea -o /output.pgp
> --batch --passphrase-fd 0 < /phrase.txt /plaintext.txt
>
> When I run this command on the new system I get a message like this
>
> You need a passphrase to unlock the secret key for
> user: "signing-key"
> 2048-bit RSA key, ID EAA21D37, created 2012-03-26
> can't connect to `/root/.gnupg/S.gpg-agent': No such file or directory

GnuPG 2 uses the agent.  It may not be entirely relevant, but I managed
to run ssh with the gpg-agent unattended on a server:

http://blog.josefsson.org/2011/10/11/unattended-ssh-with-smartcard/

I have not tested whether it works with private keys stored encrypted on
disk, but I see no fundamental reason why it wouldn't work.  You can
ignore the SSH aspect of it, which should make it simpler.

/Simon


