pinentry dialog

Amitesh Mishra amiteshmishra2005 at gmail.com
Wed Oct 26 19:57:53 CEST 2016


Thanks Peter for your reply. When i tried adding "--pinentry-mode loopback"
in the argument, i dont get the pinentry dialog but it says:

*gpg: encrypted with 2048-bit RSA key, ID 035A38377BE10CD8, created
2016-09-23*
*      "XXX Inc. <ABC at XXX.com>"*
*gpg: public key decryption failed: Bad passphrase*
*gpg: decryption failed: No secret key*

If i remove the pinentry parameter, the same password works fine. Any
suggestions on that ?

Regards,
Amitesh

On Wed, Oct 26, 2016 at 12:12 PM, Peter Lebbing <peter at digitalbrains.com>
wrote:

> On 25/10/16 05:06, Amitesh Mishra wrote:
> > 1.  Added the passphrase to the perl script in the following manner
> >
> > system ("type $PASSFILE | gpg --no-tty --batch --passphrase-fd 0 --output
> > $CONTACTDECRYPT --yes --decrypt $CONTACTTARGET");
>
> You need to add "--pinentry-mode loopback" to the arguments.
>
> Also, while this is all fine for testing and debugging, it doesn't appear
> to
> make sense in production. What use is it to encrypt file A with a
> passphrase
> that is in plaintext in file B? Better not to encrypt file A, your private
> key,
> in the first place, since you gain nothing in protection in the general
> case.
> Then you don't need passphrase entry anymore, the key will Just Work(TM).
>
> > 2. preset passphrase as shown below :
> > C:\Program Files (x86)\GnuPG\bin>gpg-connect-agent --homedir
> C:\Users\XXX\Ap
> > pData\Roaming\gnupg "preset_passphrase B6938993903C4590B75FA651035A38
> 377BE10CD8
> > -1 53656324537465663123313233" /bye
> > OK
>
> preset_passphrase takes a *keygrip* not a *fingerprint*. You can find the
> keygrip as follows:
>
> $ gpg2 --with-keygrip -K 035A38377BE10CD8
>
> For my test key, it's as follows:
>
> sec   rsa2048/3E7F0306 2013-07-26 [SC] [expires: 2016-11-02]
>       Keygrip = BDAB81746D3696C48746896F4EA1670D312148C7
> uid         err Test extra UID
> uid         err Test more extra UID
> uid         err Testkey
> ssb   rsa2048/459A39FE 2014-01-09 [E] [expires: 2016-11-02]
>       Keygrip = 815F15F918ECF9922D4CF60D0ED5C03143746201
>
> If I want to prime the passphrase for decryption, I would use the keygrip
> 815F15F918ECF9922D4CF60D0ED5C03143746201. For the passphrase for signing,
> I
> would need the other keygrip instead.
>
> HTH,
>
> Peter.
>
> --
> I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
> You can send me encrypted mail if you want some privacy.
> My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
>



-- 
############################
Thanks & Regards,
 Amitesh Mishra
Mobile: +1-248 497 4746
Home: +1-248 233 0593
###########################
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20161026/6c25c66e/attachment.html>


More information about the Gnupg-users mailing list