decrypt aes256 encrypted file without gpg-agent

Robert J. Hansen rjh at
Sun Jun 28 22:24:43 CEST 2020

> I thought the agent is for manipulating the private key.

It's also responsible for calling pinentry, which is how GnuPG receives
passphrases.  It's a pluggable component: on Windows you get a Windows
pinentry that uses a Windows look and feel, on KDE you get a Qt one that
looks like a KDE app, on GNOME you get a GTK one that looks like a GNOME
app, and so on.

GnuPG sees the symmetrically encrypted message and knows it needs to
recover/derive a key.  It calls gpg-agent, which in turn calls pinentry.

> But why do I need the agent, when no secret key is involved? I simply
> want to decrypt a password-encrypted file. What possible useful role
> would agent play?
> Seems to me that this is a terrible design...

Let's be clear: you're passing judgment on a design without first
learning what the design is.

> I remember a time, when gpg was a simple, cleanly design utility that
> worked.

GnuPG adopted gpg-agent in large part to clean up GnuPG's design.  GnuPG
was introduced in GnuPG 1.9.0, released in August *2003*.

You've ignored GnuPG development for so long you're surprised by a
change introduced seventeen years ago.  That's on you.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 821 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list