-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On -10/01/37 20:59, Peter Pentchev wrote: > On Fri, Oct 08, 2010 at 12:24:17AM +0100, Lee Elcocks wrote: > [snip] >> ECHO bingos| GPG --batch -se --passphrase-fd 0 -r PGPTOKEY -o >> "C:\encryptedfiles\%F.pgp" > > Erm... on this line, where are you telling GPG to actually encrypt the %F > file?
It's been a while since I've written any sort of Windows batch scripting, but looking at the rest of the statements, it seems the output should be specified as %%F.pgp, not %F.pgp, and that is why you end up with a file called f.pgp (the % is dropped as an escape char). The fact you don't specify an input file causes the f.pgp file not to contain anything useful. So probably it should read ECHO bingos| GPG --batch -se --passphrase-fd 0 -r PGPTOKEY -o "C:\encryptedfiles\%%F.pgp" %%F Furthermore, it is almost always a better idea to drop the passphrase from the key than to specify the passphrase in some file. In this specific case, depending on your OS, the "echo bingos" might even show up in the process list for any user of the machine to read. At least the secret keyring should be protected by file permissions so only you and the superuser can read it. Best to avoid a false sense of security by having a passphrase on a key and that passphrase in plain text on your disk, and just remove the passphrase altogether. That's usually the price to pay for automated signing. Only much more elaborate setups can provide extra security in such a case. Then again, I'm not a security expert. You could create a signing key especially for this purpose and label it "(Automated Signing Key)" for clarity. And another signing key that is passphrase protected and use that when you yourself explicitly sign some document. Good luck, Peter. - -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt (new, larger key created on Nov 12, 2009) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJMrtSYAAoJEJaeAY/ebNyh27cH/jYuLBhINoviX9O2pNIZRZNy yFrFeCAyttgmdq3GY+tGzdebOhnARZAKwh0sK4QZPFg8ho+cUhNetPJcGHKvQMEx GzbhjC++exvUW8leogNw6kcMZ6zVTCbeoEBzlZHUi8uP9gOo9ZsrujeWNwOBV5cw f4iDqxXvlsl1sghgkxISt0SRHY1nHKk21apHuTNnKO+Z9esGgXTE+4YPpNQ6QGug p9X9Urvn13PaGfK68rEt9U3HZMjHm37mYBnak2vvtv2lBYFfF4IM+CKAUoeh7SER RwioXnNWQqRRmnrFGGmKQgWbwKqDCgptRP8QZAvLQ9upwP7+Hxu+ut+m3z2GPig= =OQNc -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users