Unable to batch decrypt messages on Windows
Mikkel Riber
riber at calico-jack.dk
Thu Jun 23 11:20:06 CEST 2016
Hello,
I've tried to setup so I can decrypt without typing in my password - since
this is needed for unattended machines. However I can't seem to get it to
work.
To ensure it had nothing to do with my keyfiles I started from a new
keyring.
I am running latest GnuPG v 2.1.13 and have also tested with v2.1.9 same
results.
C:\Users\mr>gpg --version
gpg (GnuPG) 2.1.13
libgcrypt 1.7.1
# Generation of my new key:
C:\Users\mr>gpg --gen-key
gpg (GnuPG) 2.1.13; Copyright (C) 2016 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gpg: keybox 'C:/Users/mr/AppData/Roaming/gnupg/pubring.kbx' created
Note: Use "gpg --full-gen-key" for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name: John Doe
Email address: john at doe.com
You selected this USER-ID:
"John Doe <john at doe.com>"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? o
...
gpg: C:/Users/mr/AppData/Roaming/gnupg/trustdb.gpg: trustdb created
gpg: key 21EA293DB2F03772 marked as ultimately trusted
gpg: directory 'C:/Users/mr/AppData/Roaming/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as
'C:/Users/mr/AppData/Roaming/gnupg/openpgp-revocs.d\62AAA010AB8C52DC44EC04CE
21EA293DB2F03772.rev'
public and secret key created and signed.
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub rsa2048 2016-06-23 [S]
62AAA010AB8C52DC44EC04CE21EA293DB2F03772
uid [ultimate] John Doe <john at doe.com>
sub rsa2048 2016-06-23 []
# Encrypting my file plaintext.txt
C:\Users\mr>gpg --verbose --encrypt --armor -r john at doe.com plaintext.txt
gpg: using pgp trust model
gpg: using subkey 60C4F0C050369A62 instead of primary key 21EA293DB2F03772
gpg: This key belongs to us
gpg: reading from 'plaintext.txt'
gpg: writing to 'plaintext.txt.asc'
gpg: RSA/AES256 encrypted for: "60C4F0C050369A62 John Doe <john at doe.com>"
# Verify it is possible to decrypt using normal interactive mode
C:\Users\mr>gpg --decrypt plaintext.txt.asc
gpg: encrypted with 2048-bit RSA key, ID 60C4F0C050369A62, created
2016-06-23
"John Doe <john at doe.com>"
This is my secret!
# When trying any of below commands I'm still getting the prompt for
password.
C:\Users\mr>gpg --batch --passphrase-file password.txt --decrypt
plaintext.txt.asc
C:\Users\mr>gpg --batch --passphrase-fd 0 --decrypt plaintext.txt.asc
1234
C:\Users\mr>echo 1234| gpg --batch --passphrase-fd 0 --decrypt
plaintext.txt.asc
C:\Users\mr>gpg --batch --decrypt --passphrase-fd 0 --output output.csv
plaintext.txt.asc <password.txt
C:\Users\mr>gpg --batch --passphrase 1234 --decrypt plaintext.txt.asc
Any advice how to get this to work?
Any input is welcome, thank you.
Kind regards
Mikkel R.
More information about the Gnupg-users
mailing list