setting up decryption in an automated environment
Werner Koch
wk at gnupg.org
Tue Mar 5 18:13:14 CET 2019
On Tue, 5 Mar 2019 10:05, gpirlot at manymore.fr said:
> In the previous version the parameter -passphrase did the trick (although
> not the most secured) but it isn't working anymore.
Given that it is an unattended environment, a passphrase to protect the
private key does not make any sense (in most cases). Thus remove the
passphrase and you are fine:
gpg --passwd KEYID
and then enter an empty string and confirm. Also make sure that --batch
is passed to gpg. To avoid DoS (think uncompression) it is also often
useful to add --max-output=REASONABLE_LARGE_BYTE_COUNT
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190305/e0ea9a77/attachment.sig>
More information about the Gnupg-users
mailing list