EasyGnuPG

[Werner Koch]

On Tue, 22 Mar 2016 11:20, dashohoxha at gmail.com said:

> scripts is terribly difficult. I don't understand why `gpg` does not follow
> the unix philosophy of being easily used in scripts and cooperating easily
> with other commands.

It actually does.  There are just two things which differ:

  - gpg needs to ask for a passphrase.  For obvious reasons we do not
    want to take the passphrase from stdin by default but use a direct
    pty access for this.

  - gpg was designed as a replacement for pgp and thus comes with an
    extensive tty based user interface.  This is indeed not what a Unix
    tool should be but it helps the user to get the crypto right.

And different to many Unix tools, gpg keeps state like cron, batch,
mail, and at does.

There are two simple things you need to remember when using gpg in a
script:

  1. --batch to avoid all interaction.

  2. --with-colons to get a well defined output format.  That format is
     not good for humans, though.

Well we could have done switching the output format automagically but
that would be rather surprising.  If it is used by a script, adding two
extra options for the invocation is not really a bug task.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.