Cannot Decryption via UNIX shell script

Felipe Alvarez webmaster at felipe1982.com
Sat May 9 07:54:33 CEST 2009


On Wed, 6 May 2009 20:11:27 Bob Yang wrote:
> Hi All,
>
> I hit error when using the below script.
>
> gpg -e "key" "file" <<EOF
> yes
> EOF
>
> Error:
> It is NOT certain that the key belongs to the person named
> in the user ID.  If you *really* know what you are doing,
> you may answer the next question with yes
>
> Use this key anyway?
>
> Does anyone come across this before?
>
> Thanks,
> Bob
You must sign that recipient's public key with your private key. Do this 
only after verifying that the public key does indeed belong to the 
intended recipeint. For example, don't blindly sign a key that says 
bill.gates at microsoft.com is you are not sure that the key belongs to 
Bill Gates. It may belong to "me" and I will have the private key to 
decrypt any messages that you send (of course, I do not have an 
email address at domain microsoft.com). Also, if you choose "file" (as 
you have in your script) there is no need to provide standard input (as 
you wrote <<EOF yes EOF because your input is "file". You can 
specify "yes" as your input, and use the -o option to select your output 
file:

---code---
gpg -o file-to-send.gpg -r bill.gates at microsoft.com -e   <<EOF
please reboot your machine
EOF
---end-code---

Felipe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 258 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20090509/1c9906ce/attachment.pgp>


More information about the Gnupg-users mailing list