
Mailing List Archive: GnuPG: devel

some questions on using gpg in scripting

 

 



philcerf at googlemail

Nov 21, 2009, 6:47 AM

some questions on using gpg in scripting

Hi.

I'd like to use gpg in some scripts for decryption only.

The encrypted files are mainly symmetrically encrypted (I mean the
session key), but it could also happen that some asymmetrically
encrypted files appear.
I want to prevent gpg from trying to write to disk (especially
~/.gnupg), as this might be read-only.

What I do now is:
    { echo "$passphrase"; cat message; } | gpg --batch --no-options \
        --no-random-seed-file --no-default-keyring --keyring /dev/null \
        --secret-keyring /dev/null --trust-db-name /dev/null \
        --passphrase-fd 0 --decrypt | doFurtherStuff

With --no-options I prevent the creation of ~/.gnupg and the usage of
gpg.conf, which is exactly what I want.
With --keyring /dev/null --secret-keyring /dev/null I give it some
(empty) keyrings.
With --no-default-keyring I prevent it from failing because no
~/.gnupg/pub|secring.gpg exists.

So far so good. I would, however, like to let it use
~/.gnupg/pub|secring.gpg but only if they exist (it should not create
them) and it should never use gnupg.conf.
Is this possible?

Regards,
Philippe

btw: The manpage says that with --no-tty, gnupg would never ever write
to the terminal. It does, however (e.g. error messages that no keyrings
exist, or no MDC was found).

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-devel


lists at lina

Nov 21, 2009, 8:14 AM

Re: some questions on using gpg in scripting

On Sat, Nov 21, 2009 at 03:47:34PM +0100, Philippe Cerfon wrote:
> So far so good. I would, however, like to let it use
> ~/.gnupg/pub|secring.gpg but only if they exist (it should not create
> them) and it should never use gnupg.conf.
> Is this possible?

Well, if you start it from a script, why don't you set the options depending
on the existence of the files?

> btw: The manpage says that with --no-tty, gnupg would never ever write
> to the terminal. It does, however (e.g. error messages that no keyrings
> exist, or no MDC was found).

Are you sure it is tty and not stderr?

Gruss
Bernd
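
The approach suggested in this reply, sketched as an added example that is not part of the original thread: the script checks for each keyring file and only passes it to gpg when it is present, otherwise falling back to /dev/null as in the first post. The function names and the homedir parameter are hypothetical; the keyring file names and gpg options are the ones used in the thread.

```shell
#!/bin/sh
# Added example: choose keyring options based on which files exist,
# so gpg is never asked to open (or create) a missing keyring.

# Print the keyring-related gpg options, one argument per line.
# $1: directory holding the keyrings (assumed default: ~/.gnupg).
# Assumption: the directory path contains no newline characters.
gpg_keyring_args() {
    home=${1:-"$HOME/.gnupg"}
    pub="$home/pubring.gpg"
    sec="$home/secring.gpg"

    # Always disable the default keyrings; every keyring is named
    # explicitly below, so nothing is looked up implicitly.
    printf '%s\n' --no-default-keyring

    if [ -r "$pub" ]; then
        printf '%s\n' --keyring "$pub"
    else
        # Empty stand-in keyring, as in the original command line.
        printf '%s\n' --keyring /dev/null
    fi

    if [ -r "$sec" ]; then
        printf '%s\n' --secret-keyring "$sec"
    else
        printf '%s\n' --secret-keyring /dev/null
    fi
}

# Decrypt stdin (passphrase on the first line, then the message),
# using the keyrings found in $1. --no-options keeps gpg.conf unused.
decrypt_stdin() {
    old_ifs=$IFS
    IFS='
'
    set -f                                  # no globbing while splitting
    set -- $(gpg_keyring_args "$1")         # one argument per output line
    set +f
    IFS=$old_ifs
    gpg --batch --no-tty --no-options --no-random-seed-file \
        --trust-db-name /dev/null --passphrase-fd 0 "$@" --decrypt
}
```

Called as `{ echo "$passphrase"; cat message; } | decrypt_stdin "$HOME/.gnupg" 2>/dev/null`, the stderr redirect also makes it easy to check whether the remaining messages go to stderr or to the terminal.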
