determine encryption key without trying to decrypt

kwadronaut at kwadronaut at
Fri May 3 10:12:39 CEST 2013


Quoting Hauke Laging <mailinglisten at>:
> how can I determine the key(s) for which a file has been encrypted  
> without gpg
> trying to decrypt the file? I don't understand why --list-packets tries to
> decrypt it anyway. --batch and --no-tty do not solve the problem.

Because of the --hidden-recipient (or --hidden-encrypt-to name)  
functionality, you're sort-of obliged to simply throw whatever secret  
keys you have at it and hopefully be able to decrypt it. Why don't you  
use the option from the faq [1], is there something wrong with:

  gpg --batch --decrypt --list-only --status-fd 1 2>/dev/null | \
   awk '/^\[GNUPG:\] ENC_TO / { print $3 }'



More information about the Gnupg-users mailing list