On 02/11/2019 22.52, Brian C via Gnupg-users wrote: > I can answer why the passphrase is needed: You are using the -s option > which tells gpg to sign the file, which requires your private key.
You are right. It works when I remove "-s". But it makes no sense. This particular private key has no passphrase. So shouldn't signing work in batch mode as well ? Also, I still get an error when trustdb.gpg is not writable. I am specifically using "--no-auto-check-trustdb" and "--lock-never", but these options do not seem to have any effect. Here is full syntax I am using now: gpg --no-auto-check-trustdb --lock-never --no-verbose --batch --yes --pinentry-mode loopback -e -r u...@domain.com -o zz.gpg zz The above works, if trustdb.gpg is writable. It fails if it is not: gpg: Fatal: can't open '/var/lib/asterisk/.gnupg/trustdb.gpg': Operation not permitted Why does gpg need trustdb.gpg to be writable? I am not asking to change any trust settings. I just need simply to encrypt file. thanks, _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
