Using Gnupg from the command line with no arguments

Peter Lebbing peter at
Wed Nov 27 11:43:19 CET 2013

On 26/11/13 22:46, Michael wrote:
> Hi, I am a new GPG user.  (New to the command line, that is.)  I know that
> if you type "gpg" without any arguments in a command line it starts a
> primitive sort of text editor where you can type a message that you later
> encrypt, sign, etc.

I'm pretty sure this is not correct.

When you start it without arguments, it expects an OpenPGP message on stdin
(pronounce "standard in"). Since you're working from the command line, stdin is
your keyboard. You're calling this "a primitive sort of text editor" but it's no
more a text editor than the command line itself, where you enter commands to
execute, is a text editor.

On Linux, you can type Ctrl-D to signal the end of a stdin stream. Look what
happens when I do that:

peter at tweek:~$ gpg2
gpg: Go ahead and type your message ...
gpg: no valid OpenPGP data found.
gpg: processing message failed: Unknown system error
peter at tweek:~$

I typed: Blah<Enter><Ctrl-D>

The lines "peter at tweek: ~$" are my command prompt.

Charly Avital mentioned pressing Ctrl-C; this would be to signal to gpg2 you
want it to exit. Here's what happens when I type Blah<Enter><Ctrl-C>:

peter at tweek:~$ gpg2
gpg: Go ahead and type your message ...
gpg: signal Interrupt caught ... exiting

peter at tweek:~$

This does not process the input on stdin, because you're signalling you want
gpg2 to stop what it is doing and quit, which is different than signalling that
you're done with typing on stdin.

The ^C is the shells way of telling me I pressed <Ctrl-C>; this doesn't happen
for all control codes.

Now what you're probably thinking of is something like this:

peter at tweek:~$ gpg2 -r peter -ae
I'm talking to myself.
Version: GnuPG v2.0.20 (GNU/Linux)

peter at tweek:~$

I typed the line of input, <Enter><Ctrl-D>

However, I had to specify up front I wanted to encrypt to myself, it's not, like
you said

> you can type a message that you later encrypt, sign, etc.

Also, your cursor keys will most likely not work. You can type in text, erase it
with <Backspace>, and make a line final with <Enter>. It's a really unfriendly
environment, because it's not an environment really meant for the user. So
you're much better off with a (primitive or not) text editor.

One final point: MacOS shares UNIX roots and POSIX stuff with Linux, so I expect
that <Ctrl-D> ends the stdin just like it does on Linux.

If you like, I can explain you where <Ctrl-C> and <Ctrl-D> come from. If you
don't care, you can stop reading and I wish you a good day :).

It might help you remember why these keys work, which is why I think it's very
slightly on topic. Actually, I just like telling this and I'm looking for a

When you type letters from the Latin alphabet, these letters are passed to the
system as ASCII, which is a table of 127 characters that contain the alphabet,
numbers, some more stuff, as well as so-called control codes. The control codes
are right at the beginning of the table: the first 32 entries (entries 0-31,
computers usually start counting at 0). On many systems, you can enter these
control codes by holding down "Control"[1] and using the keys @ followed by A-Z
followed by [, \, ], ^ and _. If you look at the ASCII table, you'll notice that
these are the entries numbered 64-96[2].

So when we're pressing <Ctrl-C>, we're passing ASCII 3, <Ctrl-D> passes ASCII 4,
and <Ctrl-\> passes ASCII 28.

<Ctrl-C>, ASCII 3, is called ETX, End of Text. <Ctrl-D>, ASCII 4, is called EOT,
End of Transmission. <Ctrl-\>, ASCII 28, is called FS, File Separator. These are
ancient names, and the names don't always still match current usage, although
there still is something reminiscent of logic.

Now I happen to know that <Ctrl-\> asks the program to "dump core"[3], so I
entered "ascii 1c dump core" in (1c is hexadecimal for 28, I
expected more results for hexadecimal numbers), and it linked to a nice page[4].
It describes the three as (amongst others):

> Most UNIX systems used ETX as the default code to generate a SIGINT signal 
> for the foreground process. (Exception: Solaris responds to ETX by sending 
> the SIGINT signal to all processes on the given controlling terminal.)

SIGINT is "signal Interrupt", compare to the GnuPG output.

> In C language environments with a Standard In (stdin) device, a EOT can 
> indicate that the end of input has been reached.

> By default, the command shells in UNIX systems treat this as a QUIT signal,
> and will pass a signal to the current foreground process that it should
> abort, and if allowed and possible, make a core dump.

Now if you from now on think of Ctrl-D as "End of Transmission" instead of the
awkward "control dee", maybe you can remember better. It's unfortunate that
Ctrl-C is called "End of Text", though. And File Separator just doesn't make
sense ;).

Just as a bonus:

<Ctrl-S> is called DC3 "Device Control 3", but also XOFF "Transmission off". You
can use it to pause the output on the terminal screen. When two systems are
communicating through ASCII, it is usually sent when the receiving system can't
keep up with the flow of data that the other system is producing. When you press
<Ctrl-S>, you're basically saying "hey I can't read that fast!". When you've
caught up, you press <Ctrl-Q>, DC1 "Device Control 1", also XON "Transmission
on". The output on the terminal will resume, and you can read the rest of the text.



[1] You hold down "Control" to enter control codes on your keyboard. I don't
think this is a coincidence, but I didn't check the etymology.

[2] If you make an ASCII table in two columns they'll line up next to eachother
because you're putting entries 0-63 left and 64-127 right.

[3] I'm already explaining a lot, I'm not really going to touch that one... :)


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list