peter at digitalbrains.com
Wed Oct 26 18:12:21 CEST 2016
On 25/10/16 05:06, Amitesh Mishra wrote:
> 1. Added the passphrase to the perl script in the following manner
> system ("type $PASSFILE | gpg --no-tty --batch --passphrase-fd 0 --output
> $CONTACTDECRYPT --yes --decrypt $CONTACTTARGET");
You need to add "--pinentry-mode loopback" to the arguments.
Also, while this is all fine for testing and debugging, it doesn't appear to
make sense in production. What use is it to encrypt file A with a passphrase
that is in plaintext in file B? Better not to encrypt file A, your private key,
in the first place, since you gain nothing in protection in the general case.
Then you don't need passphrase entry anymore, the key will Just Work(TM).
> 2. preset passphrase as shown below :
> C:\Program Files (x86)\GnuPG\bin>gpg-connect-agent --homedir C:\Users\XXX\Ap
> pData\Roaming\gnupg "preset_passphrase B6938993903C4590B75FA651035A38377BE10CD8
> -1 53656324537465663123313233" /bye
preset_passphrase takes a *keygrip* not a *fingerprint*. You can find the
keygrip as follows:
$ gpg2 --with-keygrip -K 035A38377BE10CD8
For my test key, it's as follows:
sec rsa2048/3E7F0306 2013-07-26 [SC] [expires: 2016-11-02]
Keygrip = BDAB81746D3696C48746896F4EA1670D312148C7
uid err Test extra UID
uid err Test more extra UID
uid err Testkey
ssb rsa2048/459A39FE 2014-01-09 [E] [expires: 2016-11-02]
Keygrip = 815F15F918ECF9922D4CF60D0ED5C03143746201
If I want to prime the passphrase for decryption, I would use the keygrip
815F15F918ECF9922D4CF60D0ED5C03143746201. For the passphrase for signing, I
would need the other keygrip instead.
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users