pinentry dialog

Peter Lebbing peter at digitalbrains.com
Sat Oct 29 14:21:10 CEST 2016


On 26/10/16 19:57, Amitesh Mishra wrote:
> If i remove the pinentry parameter, the same password works fine. Any
> suggestions on that ?

I just used

$ echo test | gpg2 --no-tty --batch --pinentry-mode loopback --passphrase-fd 0
-o test.out --yes -d test.gpg

as a variation on the precise invocation you provided, and it worked fine; under
Linux. And yes, the passphrase for the key is the word test.

Are you completely sure that the command correctly accesses the file "abc123$$$"
in your current directory when invoked, and that the password in that file is
correct? If so, all I can think of is line endings. DOS files end in CR LF where
most Unix-like systems end lines in just LF. Sure enough:

-------------------------8<------------->8-------------------------
$ cat test-crlf.txt | gpg2 --no-tty --batch --pinentry-mode loopback
--passphrase-fd 0 -o test.out --yes -d test.gpg
gpg: encrypted with 2048-bit RSA key, ID 459A39FE, created 2014-01-09
      "Test extra UID"
gpg: public key decryption failed: Bad passphrase
gpg: decryption failed: No secret key
-------------------------8<------------->8-------------------------

Here I made the text file have DOS line endings. On Linux, it's not very
surprising, but maybe gpg also wants just an LF as a line end on DOS/Windows. It
works for me with either LF or no line end:

-------------------------8<------------->8-------------------------
$ hd test-lf.txt
00000000  74 65 73 74 0a                                    |test.|
00000005
$ hd test-noend.txt
00000000  74 65 73 74                                       |test|
00000004
$ hd test-crlf.txt
00000000  74 65 73 74 0d 0a                                 |test..|
00000006
$ cat test-lf.txt | gpg2 --no-tty --batch --pinentry-mode loopback
--passphrase-fd 0 -o test.out --yes -d test.gpg
gpg: encrypted with 2048-bit RSA key, ID 459A39FE, created 2014-01-09
      "Test extra UID"
$ gpgconf --reload gpg-agent
$ cat test-noend.txt | gpg2 --no-tty --batch --pinentry-mode loopback
--passphrase-fd 0 -o test.out --yes -d test.gpg
gpg: encrypted with 2048-bit RSA key, ID 459A39FE, created 2014-01-09
      "Test extra UID"
$ gpgconf --reload gpg-agent
$ cat test-crlf.txt | gpg2 --no-tty --batch --pinentry-mode loopback
--passphrase-fd 0 -o test.out --yes -d test.gpg
gpg: encrypted with 2048-bit RSA key, ID 459A39FE, created 2014-01-09
      "Test extra UID"
gpg: public key decryption failed: Bad passphrase
gpg: decryption failed: No secret key
-------------------------8<------------->8-------------------------

Since my agent caches passphrases, I need to flush the cache in between each
invocation or the results would make no sense.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list