encryption/decryption without files
Dave.Smith at st.com
Thu Sep 13 18:16:29 CEST 2012
On 09/13/12 16:47, vedaal at nym.hush.com wrote:
> The discussion about 'safe' text editors brings about an
> interesting question:
> Is an editor needed at all?
> Why not just input text into gnupg and then encrypt the inputted
> txt without saving it as file at all ?
> $ printf "just a test" | gpg -c -a
OK, so here's a list of issues:
1. If you're going to write it exactly like that, then the plaintext
message is going to end up in lots of places where you won't want it,
like your shell command history file (unless you disable shell history),
(potentially) the output of "ps", etc.
2. On the other hand, you could just run gpg directly, and type your
message in on the console as stdin; however, the lack of editing
facilities might be somewhat inconvenient (unless you're able to type
almost perfectly and able to plan your entire message in your head
before you start typing).
3. If you're thinking of piping the output of an existing, unsecured
editor into gpg, then that's not going to work, as the "stdout" will
contain what it wants to print on the screen and the reactions to all
your keypresses, not the actual message.
More information about the Gnupg-users