GnuPG encryption with key file

David Shaw dshaw at jabberwocky.com
Thu Mar 27 14:35:21 CET 2014


On Mar 26, 2014, at 5:37 PM, ------ ------ <postpics123 at gmail.com> wrote:

> Hi,
> is it possible to encrypt a file with a symmetric cipher (e.g., AES256) using a key file (e.g., a binary file) instead of a password?

Not really, but you can sort of weakly approximate it via something like this:

   base64 -w0 binary-file-for-passphrase | gpg --passphrase-fd 0 --symmetric file-to-encrypt

Limitations of the method are that it's not really using the binary file as a key, but rather as a passphrase (so it gets the usual hash treatment), and there is a size limit on how large the passphrase can be (it's in the thousands of characters, but there is a limit).  The reason for the base64 is that passphrase-fd stops reading after \n for obvious reasons, and text passphrases can't have \0 in them, so a naturally-occurring \n or \0 in the binary file will truncate your "passphrase".  Same reason for the -w0, which tells base64 not to add any \n of its own.

David
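
The truncation described in the reply above, as an added example that is not part of the original post: it models the stated rule (a raw passphrase ends at the first \n or \0) on a constructed key file and compares that with the `base64 -w0` form. The function names and the sample bytes are assumptions made for illustration; `--batch` and `--pinentry-mode loopback` are not in the post and are included because GnuPG 2.1 and later require them before `--passphrase-fd` is honoured.

```shell
#!/usr/bin/env bash
# Added example (not from the original post).

# Write a constructed 15-byte "key file" with an embedded \n and \0.
make_sample_keyfile() {
  printf 'K3y\nmore\000bytes\377' > "$1"
}

# Bytes that would survive if the file were piped raw to --passphrase-fd,
# under the rule in the post: reading stops at the first \n, and a \0
# ends a text passphrase. Counts the bytes before whichever comes first.
raw_usable_bytes() {
  LC_ALL=C tr '\000' '\n' < "$1" | head -n 1 | tr -d '\n' | wc -c | tr -d ' '
}

# Characters in the single-line passphrase produced by base64 -w0.
b64_passphrase_chars() {
  base64 -w0 "$1" | wc -c | tr -d ' '
}

# Newlines in the encoded form (0 means nothing can cut it short).
b64_newlines() {
  base64 -w0 "$1" | LC_ALL=C tr -cd '\n' | wc -c | tr -d ' '
}

# The post's pipeline, with the two options GnuPG 2.1+ needs before it
# will read the passphrase from fd 0 (omit --pinentry-mode on 1.4).
encrypt_with_keyfile() {
  base64 -w0 "$1" | gpg --batch --pinentry-mode loopback \
    --passphrase-fd 0 --symmetric "$2"
}

# Report on the constructed file only; gpg is not invoked here.
demo() {
  f=$(mktemp) && make_sample_keyfile "$f"
  echo "file size:       $(wc -c < "$f" | tr -d ' ') bytes"
  echo "raw passphrase:  $(raw_usable_bytes "$f") bytes survive"
  echo "base64 -w0 line: $(b64_passphrase_chars "$f") chars, $(b64_newlines "$f") newlines"
  rm -f "$f"
}

demo
```

Running `raw_usable_bytes` on a real key file before relying on it shows how much of the file would have been silently dropped without the base64 step.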



