GPG2 encryption options
Peter Pentchev
roam at ringlet.net
Thu Oct 3 13:35:34 CEST 2013
On Thu, Oct 03, 2013 at 02:33:32PM +0300, Peter Pentchev wrote:
> On Wed, Oct 02, 2013 at 09:46:24PM -0700, mightymouse2045 wrote:
> > Hi there,
> >
> > I'm wondering if gpg2 can be used to encrypt a file using a keyfile. The
> > term keyfile is used to refer to a static file where the contents are read
> > into gpg2 to be used as the passphrase for the encryption process.
> >
> > for example:
> >
> > ccrypt -e --keyfile ~/.somefile ~/the_file_to_be_encrypted.doc
> >
> > So the above ccrypt command encrypts the file_to_be_encrypted.doc with the
> > first line take from .somefile
> >
> > ccrypt -d --keyfile ~/.somefile ~/the_file_to_be_encrypted.doc.ctd
> >
> > and the above command decrypts it....
> >
> > Is this possible with gpg2? I like this because I can use random files taken
> > from the 100,000's+ static non-changing files on my system as passwords for
> > encrypting and decrypting files etc. I'd just prefer to be using gpg2 as I
> > can then specify algo's hash's etc instead of being stuck with AES.
> >
> > There are some files I don't like having to enter a passphrase for each time
> > due to them be accessed very frequently, but I don't want the contents of
> > them being stored plaintext either.
>
> If the contents of the keyfile "looks like" a single line of text (e.g.
> a passphrase), then you can use gpg --symmetric (or -c for short) and
> pass the file in using the --passphrase-fd option.
But then, of course, everything that Peter Lebbing said about caching
the passphrase or using a smartcard that caches the PIN for a limited
amount of time is true. I personally have never found it much trouble
to have gpg-agent prompt me for my passphrase after a couple of minutes.
G'luck,
Peter
--
Peter Pentchev roam at ringlet.net roam at FreeBSD.org p.penchev at storpool.com
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
I am jealous of the first word in this sentence.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: </pipermail/attachments/20131003/72389900/attachment-0001.sig>
More information about the Gnupg-users
mailing list