
GPG decrypting thru HP-UX shell script

 
Hugo Capinha
Established Member

GPG decrypting thru HP-UX shell script

Hi,

I am trying to create a shell script on hp-ux 11i that uses GPG to decrypt a file someone else encrypts with my key on a routine basis. I can not get the script to decrypt the file without asking for a passphrase, and am having difficulty trying to feed the passphrase so that GPG can decrypt the file. Does anyone know how I can feed the passphrase or have the script decrypt the file without asking for a passphrase?

Any help would greatly be appreciated,

Thanks
Hakan Aribas
Valued Contributor

Re: GPG decrypting thru HP-UX shell script

Hi,

Encrypting files from within PHP
--------------------------------
After running this script you will find 'secret_file.txt.gpg' in your directory.

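<?php
// Encrypt $secret_file for $recipient; gpg writes the result next to it as <name>.gpg
$gpg = '/usr/bin/gpg';
$recipient = 'john@doe.com';
$secret_file = 'secret_file.txt';

// escapeshellarg() quotes each value so the shell treats it as a single argument
echo shell_exec("$gpg -e -r " . escapeshellarg($recipient) . ' ' . escapeshellarg($secret_file));
?>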


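This script takes the value of $argv[1], the first argument after the script name, and passes it to GnuPG for encrypting.

<?php
$gpg = '/usr/bin/gpg';
$recipient = 'john@doe.com';
$encrypted_file = 'foo.gpg';

// $argv[1] is caller-supplied: quote it so shell metacharacters in it are not interpreted
shell_exec('echo ' . escapeshellarg($argv[1]) . " | $gpg -e -r " . escapeshellarg($recipient) . ' -o ' . escapeshellarg($encrypted_file));
?>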



monasingh_1
Trusted Contributor

Re: GPG decrypting thru HP-UX shell script

We are running the script on Solaris that does encrypt using

gpg -v -e -r "encryption key " -o encryptedfile org_file

and decrypting when file is received using

gpg -v -d -r "decrypt key " -o decrypted_file recd_org_encrypted_file

Is this something you are looking for? With gpg, you must use the key/passphrase to decrypt the file.

hope this helps...
Hugo Capinha
Established Member

Re: GPG decrypting thru HP-UX shell script

monasingh,

I have tried your suggestion, but still get prompted for a passphrase ("You need a passphrase to unlock the secret key for..."). Any other suggestions?
Gunnar Schwant
New Member

Re: GPG decrypting thru HP-UX shell script

Hi,

try

echo "[YOUR PASSPHRASE]" | gpg -o [OUTPUTFILE] --batch --passphrase-fd 0 -d [INPUTFILE]

where [YOUR PASSPHRASE] has to be replaced with your passphrase, [INPUTFILE] has to be replaced with the full pathname of the encrypted file, and [OUTPUTFILE] has to be replaced with the full pathname of the decrypted file.

Cheers,
Gunnar.
Nobody expects the spanish inquisition!
Steven Schweda
Honored Contributor

Re: GPG decrypting thru HP-UX shell script

Which GPG ("gpg --version")?

> [...] am having difficulty trying to feed
> the passphrase [...]

What did you try? What happened?

http://www.gnupg.org/(en)/documentation/index.html

On:
http://www.gnupg.org/(en)/documentation/manpage.en.html
I see:

[...]
--passphrase-fd n

Read the passphrase from file descriptor n.
If you use 0 for n, the passphrase will be
read from stdin. This can only be used if
only one passphrase is supplied.
Don't use this option if you can avoid it.
[...]

I haven't looked at the GPG code for this,
but it seems likely (or at least plausible)
that it attempts (by default, expecting
interactive input) to read the passphrase
from /dev/tty rather than from stdin.

Of course, this option tends to lead to
people storing a passphrase in some script
somewhere, which is an obvious security
problem, hence the discouragement in the
documentation.
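
Added example, not part of any post in this thread: one way to use the --passphrase-fd option discussed above without writing the passphrase into the script itself. It reads the passphrase from a separate file on file descriptor 3 and refuses to run unless that file is private to the invoking user. The function names, the choice of fd 3 and the argument order are assumptions of this example.

```shell
#!/bin/sh
# Added example (constructed): unattended gpg decryption with the passphrase
# kept out of the script. Function names and fd 3 are this example's choices.

# Succeeds only if $1 is a regular file (not a symlink), owned by the
# invoking user, with no group/other permission bits (mode 0600 or 0400).
passfile_is_private() {
    [ -f "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || return 1
    case "$(ls -ld "$1" | cut -c1-10)" in
        -r[w-]-------) return 0 ;;
        *) return 1 ;;
    esac
}

# decrypt_batch PASSFILE INFILE OUTFILE
# Returns 2 without running gpg if PASSFILE is not private.
decrypt_batch() {
    if ! passfile_is_private "$1"; then
        echo "refusing: $1 must be a regular file readable only by its owner" >&2
        return 2
    fi
    # Subshell so the umask change does not leak; plaintext is created 0600.
    # fd 3 carries the passphrase, leaving stdin free.
    # GnuPG 2.1 and later also need --pinentry-mode loopback here.
    (
        umask 077
        gpg --batch --passphrase-fd 3 -o "$3" -d "$2" 3<"$1"
    )
}

# Run as: script PASSFILE INFILE OUTFILE
if [ "$#" -eq 3 ]; then
    decrypt_batch "$@"
fi
```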