Re: _almost_ working, now a command line question...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 From: Maury Markowitz Date: Fri, 29 Feb 2008 15:10:47 -0500 Subject: _almost_ working, now a command line question... All that's left now is to fully automate this, and my Windows CMD noobishness is an issue. Here's my command line: O:\Utilities>echo o:\apricing\pass.txt | o:\utilities\gpg --homedir o:\utilities \ --passphrase-fd 0 --load-extension o:\utilities\idea.dll -o "o:\apricing\morga n_cds_20080229.txt" -d "o:\apricing\24476.txt.pgp" And here are the results (slightly trimmed to protect the innocent): Reading passphrase from file descriptor 0 You need a passphrase to unlock the secret key for user: "Polar Securities Inc <[EMAIL PROTECTED]>" 2048-bit ELG-E key, ID 3E396FC9, created 2000-10-27 (main key ID F0ED5CDC) gpg: encrypted with 2048-bit ELG-E key, [snip] gpg: public key decryption failed: bad passphrase pass.txt absolutely has the right key in it. I tried both | and >, the later did nothing at all (which I guess makes sense). Doesn't echo o:\apricing\pass.txt produce output of "o:\apricing\pass.txt"? You might have better luck redirecting gpg's standard input from pass.txt, like this: o:\utilities\gpg --homedir o:\utilities \ --passphrase-fd 0 \ --load-extension o:\utilities\idea.dll \ -o "o:\apricing\morgan_cds_20080229.txt" \ -d "o:\apricing\24476.txt.pgp" < o:\apricing\pass.txt Also, be careful of extra whitespace in pass.txt. Steve -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.8 (Darwin) iEYEARECAAYFAkfIiyYACgkQX7YJI4BuyDQf0QCg2AUA0Bd/o6h7mI1RF4gswPYT /uwAoLJGeBhHn62VHZA1LhCHhkIeVbPn =oJI2 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: _almost_ working, now a command line question...
Maury Markowitz wrote: > So after finally deciding to trust that gpg was giving me an accurate > error, and that the passphrase really was wrong, I spend the last week > scaring up someone within the labyrinths that could actually change > the key to the one that we know works. Presto! Working file. > > Lesson learned: You CAN simply copy binary key files from pgp to gpg, > which is really nice. > > All that's left now is to fully automate this, and my Windows CMD > noobishness is an issue. Here's my command line: > > O:\Utilities>echo o:\apricing\pass.txt | o:\utilities\gpg --homedir > o:\utilities > \ --passphrase-fd 0 --load-extension o:\utilities\idea.dll -o > "o:\apricing\morga > n_cds_20080229.txt" -d "o:\apricing\24476.txt.pgp" > > And here are the results (slightly trimmed to protect the innocent): > > pass.txt absolutely has the right key in it. I tried both | and >, the > later did nothing at all (which I guess makes sense). > > Anything obvious here? You could try --passphrase-file o:\apricing\pass.txt after removing --passphrase-fd This is *very* sensitive to line endings. I had to run dos2unix on the passphrase file before the command would work. DIR or 'ls -l' on the passphrase file should show a length one greater than the character count in the passphrase (just ). Windows will create the file with and the will muck things up. You may also wish to include --batch on the command line. -- John P. Clizbe Inet: JPClizbe (a) tx DAWT rr DAHT con Ginger Bear Networks hkp://keyserver.gingerbear.net "Be who you are and say what you feel because those who mind don't matter and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go" signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: _almost_ working, now a command line question...
Hi! Am Freitag, den 29.02.2008, 15:10 -0500 schrieb Maury Markowitz: > O:\Utilities>echo o:\apricing\pass.txt | ... Try "type o:\apricing\pass.txt | ..." if you really want to do it this way. cu, Sven ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: _almost_ working, now a command line question...
Holy smokes, this is much more annoying than I thought possible! Using either the | and < methods of passing in the passphrase works from the CMD window and I can decrypt the file fine. Even cutting and pasting the command string in works fine. But when I shell the exact same line of text (which is where I cut it from) into the VBA Shell command, which I do for literally dozens of tasks, it does not work. GPG puts up the message: Reading passphrase from file descriptor 0 ... And then just sits there. Perhaps I can't call a pipe or redirect in the VBA shell command; if try I'm pretty much sunk unless I can get --passphrase-file to work. And it doesn't. Is --passphrase-file a feature of 2.0 only? If so, is there somewhere where I can get a compiled windows binary of it? Maury ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
re: _almost_ working, now a command line question...
Maury Markowitz (maury.markowitz at gmail.com) wrote on Mon Mar 3 17:44:29 CET 2008 : >Reading passphrase from file descriptor 0 ... >And then just sits there. Perhaps I can't call a pipe or redirect in >the VBA shell command; if try I'm pretty much sunk unless I can get >--passphrase-file to work. And it doesn't. try this instead of --passphrase-file --passphrase string where 'string' is your actual passphrase vedaal any ads or links below this message are added by hushmail without my endorsement or awareness of the nature of the link -- Study law at a school near you. Click for more info. http://tagline.hushmail.com/fc/Ioyw6h4fKhB6woOND8XrZNYjtiE674DR6zTihOxTinc29rbkOp7MLd/ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: _almost_ working, now a command line question...
On Mon, Mar 3, 2008 at 12:53 PM, <[EMAIL PROTECTED]> wrote: > --passphrase string > where 'string' is your actual passphrase Worth a try, but: gpg: failed to translate osfhandle 004A Maury ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
re: _almost_ working, now a command line question...
Vedaal, This works well if your willing to have the passphrase in the code base calling GnuPG, but I'm not allowed to. Instead I will be using a file with the permissions restricted. I will be able to get around this once development is complete, as this is only being tested on my windows machine, but will be deployed to Unix type server where the ---passphrase-file option is supported. Thanks Scott S. <[EMAIL PROTECTED]> Sent by: gnupg-users-bounc To es+seidls=schneid "gnupg" [EMAIL PROTECTED] cc Subject 03/03/2008 11:53 re: _almost_ working, now a AMcommand line question... Maury Markowitz (maury.markowitz at gmail.com) wrote on Mon Mar 3 17:44:29 CET 2008 : >Reading passphrase from file descriptor 0 ... >And then just sits there. Perhaps I can't call a pipe or redirect in >the VBA shell command; if try I'm pretty much sunk unless I can get >--passphrase-file to work. And it doesn't. try this instead of --passphrase-file --passphrase string where 'string' is your actual passphrase vedaal any ads or links below this message are added by hushmail without my endorsement or awareness of the nature of the link -- Study law at a school near you. Click for more info. http://tagline.hushmail.com/fc/Ioyw6h4fKhB6woOND8XrZNYjtiE674DR6zTihOxTinc29rbkOp7MLd/ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: _almost_ working, now a command line question...
Maury Markowitz wrote: > And then just sits there. Perhaps I can't call a pipe or redirect in > the VBA shell command; if try I'm pretty much sunk unless I can get > --passphrase-file to work. And it doesn't. Option order is sometimes important > Is --passphrase-file a feature of 2.0 only? If so, is there somewhere > where I can get a compiled windows binary of it? Been a part of gnupg 1.x for ages. I tested it on XP with GnuPG 1.4.8 gpg --batch --passphrase-file <> --output <> --decrypt <> Here's a test I just did in %TEMP%: gpg --batch --passphrase-file passphr --output ptshowdown.decrpt.bmp --decrypt ptshowdown.bmp.asc gpg: encrypted with 2048-bit ELG-E key, ID EF4010D2, created 2003-03-06 "John P. Clizbe " The passphrase file passphr was created with Cygwin's 'echo -n' There is yet no binary of GnuPG 2.0 for windows -- John P. Clizbe Inet: JPClizbe (a) tx DAWT rr DAHT con Ginger Bear Networks hkp://keyserver.gingerbear.net or Send email with subject HELP to [EMAIL PROTECTED] "Be who you are and say what you feel because those who mind don't matter and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go" signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: _almost_ working, now a command line question...
Can you try it when streaming data to GnuPG? The following command did not work for me: echo TEST |gpg --clearsign -a --passphrase-file passfile Output: Reading passphrase from file descriptor 3 You need a passphrase to unlock the secret key for user: "XXX" 1024-bit DSA key, ID XXX, created 2008-01-29 gpg: no default secret key: bad passphrase gpg: [stdin]: clearsign failed: bad passphrase Thanks Scott S John Clizbe <[EMAIL PROTECTED] om>To Sent by: Maury Markowitz gnupg-users-bounc <[EMAIL PROTECTED]>, GnuPG [EMAIL PROTECTED] Users cc 03/03/2008 04:23 Subject PM Re: _almost_ working, now a command line question... Please respond to GnuPG Users <[EMAIL PROTECTED] g.org> Maury Markowitz wrote: > And then just sits there. Perhaps I can't call a pipe or redirect in > the VBA shell command; if try I'm pretty much sunk unless I can get > --passphrase-file to work. And it doesn't. Option order is sometimes important > Is --passphrase-file a feature of 2.0 only? If so, is there somewhere > where I can get a compiled windows binary of it? Been a part of gnupg 1.x for ages. I tested it on XP with GnuPG 1.4.8 gpg --batch --passphrase-file <> --output <> --decrypt <> Here's a test I just did in %TEMP%: gpg --batch --passphrase-file passphr --output ptshowdown.decrpt.bmp --decrypt ptshowdown.bmp.asc gpg: encrypted with 2048-bit ELG-E key, ID EF4010D2, created 2003-03-06 "John P. Clizbe " The passphrase file passphr was created with Cygwin's 'echo -n' There is yet no binary of GnuPG 2.0 for windows -- John P. Clizbe Inet: JPClizbe (a) tx DAWT rr DAHT con Ginger Bear Networks hkp://keyserver.gingerbear.net or Send email with subject HELP to [EMAIL PROTECTED] "Be who you are and say what you feel because those who mind don't matter and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go" (See attached file: signature.asc) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users signature.asc Description: Binary data ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: _almost_ working, now a command line question...
[EMAIL PROTECTED] wrote: > Can you try it when streaming data to GnuPG? The following command did not > work for me: > > echo TEST |gpg --clearsign -a --passphrase-file passfile > > Output: > Reading passphrase from file descriptor 3 > > You need a passphrase to unlock the secret key for > user: "XXX" > 1024-bit DSA key, ID XXX, created 2008-01-29 > > gpg: no default secret key: bad passphrase > gpg: [stdin]: clearsign failed: bad passphrase Scott, I had the same type of passfile error when I created the file using Windows ECHO which sticks on the end. Does running DIR or ls -l on the passphrase file show it to be longer than it actually is? (Add one byte for end-of-file plus one for CR and another for LF) You can run a hex dump utility such as dump from the cygutils package to verify this. The last bytes will be 0D 0A for CR-LF. You can get cygutils from : http://gnuwin32.sourceforge.net/packages/cygutils.htm If so, running dos2unix on passfile /may/ solve things. It's available from a variety of sources. The GnuWin32 project is a handy source - it's also in the cygutils package. It worked for me with the other batch decrypt problem yesterday, but not yours today. Using the Gnu version of echo with the suppress newline option 'echo -n' to create passfile is also an option, probably the best. echo is part of the coreutils package and is also available from the GnuWin32 project: http://gnuwin32.sourceforge.net/packages/coreutils.htm Using 'echo -n' to create passfile is what worked for me using your command from above. passfile was created with :\path\to\echo -n passphrase > passfile DIR showed passfile to be exactly the same length as the passphrase. C:\WINDOWS\Temp>echo TEST |gpg --clearsign -a --passphrase-file passfile Reading passphrase from file descriptor 3 You need a passphrase to unlock the secret key for user: "John P. Clizbe <[EMAIL PROTECTED]>" 1024-bit DSA key, ID 608D2A10, created 2003-03-06 -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 TEST -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (WinXP Pent3) Comment: When cryptography is outlawed, b25seSBvdXRsYXdzIHdpbGwgdXNlIG Comment: Be part of the รบ33t ECHELON -- Use Strong Encryption. Comment: It's YOUR right - for the time being. iEYEARECAAYFAkfM0doACgkQHQSsSmCNKhAEJACgwOGzO7EdW2g+4PeTeCmzCnNB e54An06ZsePo75r6qrMO4+5jS87TqM3S =5aOz -END PGP SIGNATURE- -- John P. Clizbe Inet: JPClizbe (a) tx DAWT rr DAHT con Ginger Bear Networks hkp://keyserver.gingerbear.net or Send email with subject HELP to [EMAIL PROTECTED] "Be who you are and say what you feel because those who mind don't matter and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go" signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: _almost_ working, now a command line question...
Hi! John Clizbe schrieb: Using the Gnu version of echo with the suppress newline option 'echo -n' to create passfile is also an option, probably the best. FWIW, I just created a text file using *notepad*, containing "1234567890" (without pressing enter after that line, and without the quotes) and the length is shown to be exactly 10 bytes (by rightclick-properties and dir). This file can be used as --passphrase-file for a key that I generated to use 1234567890 as passphrase. cu, Sven ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: _almost_ working, now a command line question...
On Mon, Mar 3, 2008 at 5:23 PM, John Clizbe <[EMAIL PROTECTED]> wrote: > Been a part of gnupg 1.x for ages. I tested it on XP with GnuPG 1.4.8 > > gpg --batch --passphrase-file <> --output <> --decrypt <> Frigging frig! I had download 1.2.2! Where the heck did I get that?! Everything is working perfectly now. Thanks to everyone that helped this noob get up and running. I'll try to repay the kindness by returning the favor. Maury ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users