Newbie can't get --passphrase option to work
Peter Lebbing
peter at digitalbrains.com
Tue May 16 13:41:40 CEST 2017
On 16/05/17 13:31, Dan Kegel wrote:
> That wasn't my experience. I used keys with no passphrase,
> and *still* had to use loopback (and jump through other hoops) to get
> gpg to work unattended.
I was talking about the things one usually does on a headless server,
which is decryption and data signatures. I'm unaware of this having any
issues, and I don't see you mention them in your referenced posts either.
I haven't ever heard unattended certifications being discussed, I don't
know if it is straightforward.
With regards to key management, this is often something a logged in
human user does and can hence do without having to wrestle unattended
stuff. I understand this doesn't always apply, but the OP here was
talking about decryption, not key management. That should be
straightforward.
When I say, by the way, that having no passphrase is better than using a
passphrase which is literally contained in a script, I'm saying that it
is usually better, not that it is always appropriate. It might be
appropriate to solve it in a different way, but a passphrase literally
in a script is probably not it.
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170516/c5bdedc0/attachment.sig>
More information about the Gnupg-users
mailing list