Re: encrypt file in batch mode
I can answer why the passphrase is needed: You are using the -s option which tells gpg to sign the file, which requires your private key. Brian On 11/2/19 11:14 AM, Fourhundred Thecat wrote: > On 02/11/2019 16.51, Tony Lane via Gnupg-users wrote: >> On 11/2/19 10:35 AM, Fourhundred Thecat wrote: >> >>> how can I simply encrypt a file in "batch mode", ie in a script, without >>> user interaction, without need for the user to type password, without >>> gpg agent? >> >> gpg --batch --yes --passphrase="pw" --pinentry-mode loopback -o zz -esr >> u...@domain.com zz.gpg > > Unfortunately, this does not work. I get same error as before (pasted > below). > > Also, what is the purpose of --passphrase="pw", when I want to encrypt > using public key ? > > > $ gpg --batch --yes --passphrase="pw" --pinentry-mode loopback -o zz.gpg > -esr u...@domain.com zz > > gpg: starting migration from earlier GnuPG versions > gpg: failed to start agent '/usr/bin/gpg-agent': No such file or directory > gpg: can't connect to the agent: No such file or directory > gpg: error: GnuPG agent unusable. Please check that a GnuPG agent can be > started. > gpg: migration aborted > gpg: failed to start agent '/usr/bin/gpg-agent': No such file or directory > gpg: can't connect to the agent: No such file or directory > gpg: failed to start agent '/usr/bin/gpg-agent': No such file or directory > gpg: can't connect to the agent: No such file or directory > gpg: keydb_search failed: No agent running > gpg: no default secret key: No agent running > gpg: zz: sign+encrypt failed: No agent running > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg encrypt always creates a new encrypted file
Writing over the original file as "gpg -encrypt foo && mv foo.gpg foo" would do will also :potentially: leave remnants of the original unencrypted file around. The encrypted file will most likely be smaller (if plain text) than the original, thus not as many blocks may be used... also, I don't think a file system would ensure the :same: blocks will be used, so writing over the original file may not actually overwrite the original at all. I would suggest after creating the encrypted file, use a command such as "wipe" to securely delete the original file rather than trying to overwrite it. Brian On 10/28/19 2:40 PM, vedaal via Gnupg-users wrote: > On 10/28/2019 at 3:43 PM, "Phillip Susi" wrote:Anil > Kumar Pippalapalli via Gnupg-users writes: > >> Hello, >> I am trying to encrypt a file on my system using gpg —encrypt command but it >> always creates a new encrypted file I want to overwrite the original file >> instead so that I can only open it using passphrase. Is this possible. > > gpg -encrypt foo && mv foo.gpg foo > > = > > Alternatively, if you want no record of the plaintext written to a file at > all, you can type it into the command line, and have only the encrypted > output written: > > printf "whatever you write as plaintext" | gpg -a -e -r -o -filename.gpg | > more > > (obviously not intended for big files, or non-text files, but occasionally a > useful workaround if you aren't comfortable with your system's 'wipe' > process.) > > > vedaal > > > ___ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users