Can I pass the password from the command line?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I'd like to script encryption and decryption from the command line. Is there a way to pass the encryption passphrase to GnuPG from the command line. For example: gpg2 --encrypt --recipient --passphrase anth...@cajuntechie.org SomePassphrase FileIWantToEncrypt Is this possible at all? If so, how? Also, the same question for decryption. Thanks! Anthony - -- Phone: 1.845.666.1114 Skype: cajuntechie PGP Key:0x028ADF7453B04B15 Fingerprint:C5CE E687 DDC2 D12B 9063 56EA 028A DF74 53B0 4B15 -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJWcJsNAAoJEAKK33RTsEsVOWYP/0gJszoRDGauIsmMMqR+UWDF Q4KkzzbqSNwJAc+xn+Rt1XnAYqK04cDfQjzAhTfJLnwGV47jfrS9GG/qfIPWgyv3 xilGvyrKXS2/YrNj+JGvcoN3S9jp2hrgXVoeqsx5Qiv7liG/NrajiStHnGXknqX5 lwXbuQ/o5BnHGS70s5mASGzgCWMUUxE5pB4EWJR247Dd0SevDBrE1XmEMxNFHoRj yG4PXj1YVjaWQhNT/lF/fSZi49b0ufwovsciusQPxZmzPsd503KqS+qkwB6mAhur mDu2BwqFu79qE4BJ3C4ccatbbxtfb6zmF703ChqnJLYef57Ox0mKnV8kxbHUSd+W vViovg/ptSj60IH3ppS/pO3juma0KFQuFU8eztnzhvvTXnfWEik7d+Q6y9LRRLtM x/Scujgjmk1SL3K15x8ZDnVOaQdit7q3Ylh6BKRnPnZiUWbd2UIDtrGXV9Av6Zrz j4M0cuEdUVzMzwNie9SUstKcEoQ3mCBzVeIGVRv48MaNw40A1Q1e9g3P62/0zJJg iqytI051E13bM/fF/uMt/j6OtpJHTXsfYHb3oYObmQGhMglReuPz4FbR3VcOSuc/ ge6zjcdkWrK5wGIRjCfjzQlEbEJZMzzchIQ7rnb7SJQw3VleBjHdzfQ+bi/6haxO E6QOdTeRg9VbgsGFZaLx =txgJ -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Can I pass the password from the command line?
> On 15 Dec 2015, at 22:58, Anthony Papillion wrote: > > I'd like to script encryption and decryption from the command line. Is > there a way to pass the encryption passphrase to GnuPG from the > command line. I don't think there is a password parameter, and I'd strongly recommend not doing it even if there was. Many OSes make the command line parameters of processes available to any local user. Have you tried piping the password to stdin? Andrew ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Can I pass the password from the command line?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/15/2015 5:07 PM, Andrew Gallagher wrote: > >> On 15 Dec 2015, at 22:58, Anthony Papillion >> wrote: >> >> I'd like to script encryption and decryption from the command >> line. Is there a way to pass the encryption passphrase to GnuPG >> from the command line. > > I don't think there is a password parameter, and I'd strongly > recommend not doing it even if there was. Many OSes make the > command line parameters of processes available to any local user. > > Have you tried piping the password to stdin? > > Andrew Thank you for the quick answer, Andrew. After thinking about it, I can see the absolute folly of having something set up the way I requested and I appreciate you pointing that out. I had not thought about piping to stdin - never even crossed my mind! Thanks again! -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJWcKCIAAoJEAKK33RTsEsVSPMQALJOsQ3u7RYyERyPoJUtde8W bTTLaAXnfFmmhB/3EzNQBcrs0fPqc4uQ1UrB3iWITqA0rbf+9asrPETDaR3Ev2xq ilmpuZAO678NetEcG1Pc7w0gM9hNd8hDQcolRECYRBXfoPchTxGI3jaYjd3IKuOa W1jyUohW0kSkXg98m8GKkCrNTzLwePNWn9COXn7494Kq9rQLQ5+kCQmpjtSN64QY AXhVo0JF8xK55QPcMlnW6F5N93jLHneY+ymyK36hF3NFQL1X7r0BKtvby9SNhon6 kq+3yd6YLw8mjAEplgKPRHYerKPjrdUNVS4PtbI7hcoO4EaPK2e8Wdrg4kfAokSV q++n3ATsKResldBEZr6NOX425N5AmhIhtkMJt2l18V5mcyhWNwqpi4qkPwMmMlGA uqPe1zjXAaGuouWdjo96HDDZvmZLrYo92fE3Or3oK9HyZMwn9i2+rTlqPuOFgXmR VizXt04AZLKTDaC5X0VGMSsVLinmIDw0t+iky9jHfcttWpyPVHexozWLVosN7rJ2 +pSb5bU7HOZEUOXwaERzx/k5885m8hDkAIXuKscFHETLnTMXc00S3kZOMNdbqyRw 2NuL6FIA0VOGKZrJ/vUtHxyP16qjirlVRtsheX+MlXmUqYHEJDm6Cw4S3FtEZKo9 r6SnsxzigqY6CvbHOyGs =4k1n -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
RE: Can I pass the password from the command line?
There is under 1.4. Don't know if it is in v2. I'm not at my desk to pop the script open. But you could pipe the passphrase via stain and tell gpg to grab it from there. Be careful as that still leaves it in the clear to those reading your script. Potential local users could also see it if you echo'd it to the pipe. Sent from my Verizon Wireless 4G LTE smartphone Original message From: Andrew Gallagher Date: 12/15/2015 15:09 (GMT-08:00) To: Anthony Papillion Cc: gnupg-users@gnupg.org Subject: Re: Can I pass the password from the command line? > On 15 Dec 2015, at 22:58, Anthony Papillion wrote: > > I'd like to script encryption and decryption from the command line. Is > there a way to pass the encryption passphrase to GnuPG from the > command line. I don't think there is a password parameter, and I'd strongly recommend not doing it even if there was. Many OSes make the command line parameters of processes available to any local user. Have you tried piping the password to stdin? Andrew ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Can I pass the password from the command line?
El 15/12/15 a las 17:21, Anthony Papillion escribió: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/15/2015 5:07 PM, Andrew Gallagher wrote: On 15 Dec 2015, at 22:58, Anthony Papillion wrote: I'd like to script encryption and decryption from the command line. Is there a way to pass the encryption passphrase to GnuPG from the command line. I don't think there is a password parameter, and I'd strongly recommend not doing it even if there was. Many OSes make the command line parameters of processes available to any local user. Have you tried piping the password to stdin? Andrew Thank you for the quick answer, Andrew. After thinking about it, I can see the absolute folly of having something set up the way I requested and I appreciate you pointing that out. I had not thought about piping to stdin - never even crossed my mind! Thanks again! I recall that there is an option "--passphrase-file", which can be used to pass the password programatically. Of course, make sure that the file has secure permissions since it's created (or at least, written to) to store the password. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
