How can I have gpg pause to receive its passphrase, before it starts outputing decrypt to stdout?
Jakob Bohm
jb-gnumlists at wisemo.com
Thu Mar 21 08:45:17 CET 2024
On 2024-03-19 00:01, Bee via Gnupg-users wrote:
>> However if you known the passphrase, you can pass it to gpg directly using --passphrase-file and --pinentry-mode=loopback.
> I figured, but am trying to avoid having the passphrase land on disk at all.
>
>> Due to the way a pipe works there is not much you can do here.
> Except (I would hope?) if gpg were to make sure nothing is written to
> stdout until after passphrase was completely acquired, before
> decrypting and writing the decrypt to sdtout, I don't expect less will
> have cleared the screen to that point. [Less waits to clear screen,
> etc., until after it receives something / anything at stdin. (?)]
>
>> You are using a Cygwin version of the standard shell here?
> No, standard DOS prompt (Win 10). Just that cygwin is along the path.
> (It's win jq, in this case, however.) [cygwin less.exe being quieter
> and more functional than dos' more.exe.]
>
>> make sure that jq.exe gets its EPIPE from the failed gpg.exe.
> (1) EPIPE? As in '2|' - that's a thing (in 'Win 10' dos)?
EPIPE is the C/POSIX error code a program receives when the pipe it
reads from ends. In this case the ordinary stdout pipe. However the
Microsoft CMD.EXE supports a surprisingly large subset of Unixshell
options, but sometimes with slightly different syntax. Some but not
all ofthis is documented in the builtin help output such as cmd /?
and set /? etc.
However in this case the problem is that the shell, whichever you use,
will start the redirection to jq immediately, because the shell knows
nothing about gpg.exe or what part of its user interface to treat
specially. Using a "pinentry-program" helper that prompts via the
Win32/X11 GUI is the official solution for such cases.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the Gnupg-users
mailing list