Unable to batch decrypt messages on Windows

Mikkel Riber riber at calico-jack.dk
Thu Jun 23 11:20:06 CEST 2016


I've tried to setup so I can decrypt without typing in my password - since
this is needed for unattended machines. However I can't seem to get it to

To ensure it had nothing to do with my keyfiles I started from a new

I am running latest GnuPG v 2.1.13 and have also tested with v2.1.9 same

C:\Users\mr>gpg --version
gpg (GnuPG) 2.1.13
libgcrypt 1.7.1

# Generation of my new key:
C:\Users\mr>gpg --gen-key
gpg (GnuPG) 2.1.13; Copyright (C) 2016 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: keybox 'C:/Users/mr/AppData/Roaming/gnupg/pubring.kbx' created
Note: Use "gpg --full-gen-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: John Doe
Email address: john at doe.com
You selected this USER-ID:
    "John Doe <john at doe.com>"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
gpg: C:/Users/mr/AppData/Roaming/gnupg/trustdb.gpg: trustdb created
gpg: key 21EA293DB2F03772 marked as ultimately trusted
gpg: directory 'C:/Users/mr/AppData/Roaming/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as
public and secret key created and signed.

gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   rsa2048 2016-06-23 [S]
uid           [ultimate] John Doe <john at doe.com>
sub   rsa2048 2016-06-23 []

# Encrypting my file plaintext.txt
C:\Users\mr>gpg --verbose --encrypt --armor -r john at doe.com plaintext.txt
gpg: using pgp trust model
gpg: using subkey 60C4F0C050369A62 instead of primary key 21EA293DB2F03772
gpg: This key belongs to us
gpg: reading from 'plaintext.txt'
gpg: writing to 'plaintext.txt.asc'
gpg: RSA/AES256 encrypted for: "60C4F0C050369A62 John Doe <john at doe.com>"

# Verify it is possible to decrypt using normal interactive mode
C:\Users\mr>gpg --decrypt plaintext.txt.asc
gpg: encrypted with 2048-bit RSA key, ID 60C4F0C050369A62, created
      "John Doe <john at doe.com>"
This is my secret!

# When trying any of below commands I'm still getting the prompt for
C:\Users\mr>gpg --batch --passphrase-file password.txt --decrypt

C:\Users\mr>gpg --batch --passphrase-fd 0 --decrypt plaintext.txt.asc

C:\Users\mr>echo 1234| gpg --batch --passphrase-fd 0 --decrypt

C:\Users\mr>gpg --batch --decrypt --passphrase-fd 0 --output output.csv
plaintext.txt.asc <password.txt

C:\Users\mr>gpg --batch --passphrase 1234 --decrypt plaintext.txt.asc

Any advice how to get this to work?

Any input is welcome, thank you.

Kind regards
Mikkel R.

More information about the Gnupg-users mailing list