Upgraded gpg from 1.4.18 to 2.1.18: --default-recipient-self no longer works

Werner Koch wk at gnupg.org
Wed Dec 13 09:36:29 CET 2017

On Wed, 13 Dec 2017 02:17, gnupg at raf.org said:

> The gpg command is something like:
>   cmd... | gpg --default-recipient-self --encrypt --output filename.gpg

For all unattended use you need to add --batch (in all versions of gpg
since he very beginning).

>   gpg: cannot open '/dev/tty': No such device or address

Batch will also handle this.

> So I ran it manually and it turned out that --default-recipient-self
> no longer works:

There have been a couple of internal changes in the last years which may
have affected this option.

> I can specify the ID explicitly (i.e. name at domain.com) and
> then it works but I shouldn't have to, should I?

It is always better to make it explict.  To debug your failure, please
run the encryption command agian but add 

  --verbose  --debug lookup

to the invocation

> (1) The documentation for --default-key says:
>   Use name as the default key to sign with.
> But the documentation for --default-recipient-self
> implies that it is also for encryption, not just signing.

Both commands are basically the same; they just differ in how the
default key is determined.  So, right the man page is wrong.

> (2) The documentation for --no-tty says:
>   Make sure that the TTY (terminal) is never used for any output...
> But it also makes sure that the TTY is not used for input as well.

Right.  But in practise you don't need it.  --batch is sufficient.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20171213/d306e95e/attachment.sig>

More information about the Gnupg-users mailing list