This is less sinister than what it sounds, but nevertheless necessary when one forgets the passphrase and has no revocation cert handy.
I am trying to come up with a script to crack the passphrase, but my poor scripting ability (non-existent really) hampers my efforts. Looking at google I ended up with this modified example: ======================================= #!/bin/bash # # try all word in test.txt for word in $(cat test.txt); do # try to encrypt with $word passphrase echo "${word}" | gpg --passphrase-fd 0 --no-tty -a --export seckey.gpg -o file; # if decrypt is successfull; stop if [ $? -eq 0 ]; then echo "GPG passphrase is: ${word}"; exit 0; fi done; exit 1; ======================================= The file test.txt has a list of passwords (one in each line, no spaces) I am told 'sound like' the passphrase the user had set. The output file is not created (therefore I assume that the script does not work) but prints out the public key and only the first passphrase in the list: ======================================= $ ./crackgpg.sh gpg: enabled debug flags: memstat gpg: writing to stdout -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.17 (GNU/Linux) [snip ...] -----END PGP PUBLIC KEY BLOCK----- random usage: poolsize=600 mixed=0 polls=0/0 added=0/0 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 0/32768 bytes in 0 block GPG passphrase is: sebpirleydrodujrem ======================================= Any idea what I could use in the above script to make it try one word at a time, not ask for confirmation and print the *successful* passphrase word at the end? Any other scripting suggestions also welcome. -- Regards, Mick