v2.3 of gnupg for automation?
raf
gnupg at raf.org
Thu Oct 28 06:09:22 CEST 2021
On Wed, Oct 27, 2021 at 09:33:16AM +0200, Werner Koch via Gnupg-users <gnupg-users at gnupg.org> wrote:
> On Tue, 26 Oct 2021 18:21, Robert J. Hansen said:
>
> > That's true, and is correct. If you're passing a passphrase via the
> > command line, that passphrase becomes visible to anyone with the
> > privileges to get a list of processes and arguments. At that point the
> > passphrase really isn't providing much in the way of security.
>
> I fully agree.
>
> If, for whatever reasons, a passphrase is required the suggested
> workaround is to add
>
> --pinentry-mode=loopback
>
> to the gpg invocation.
>
> Salam-Shalom,
>
> Werner
But be warned, loopback doesn't handle password retries after a failure.
If it did, it would be great. But for automation, that shouldn't matter.
cheers,
raf
More information about the Gnupg-users
mailing list