Results 1 to 10 of 12

Thread: automatic entry of gpg passphrase

Hybrid View

  1. #1
    Join Date
    Nov 2008
    Beans
    158

    automatic entry of gpg passphrase

    thank you for your consideration but please spare me the lectures on why this is insecure, i have heard it all and understand your point, but you are not in my situation. let's just focus on a solution.

    i am mainly using gpg with thunderbird for encrypting/signing e-mail, via the enigmail plugin.

    in windows xp i was able to use the gpg option '--passphrase-file <filename>' to define a file with the passphrase contained in it. this way, the passphrase was automatically read and i did not need to type it. now, in ubuntu, that option doesn't seem to have any effect, as i am asked for the passphrase.

    now i understand i am using a more secure environment than windows xp, so this may be a little harder to get working. but, keep in mind that '--passphrase-file' is a valid option and should be able to work. however, maybe some other things need to be adjusted/configured, like gpg-agent or something to handle the passphrase instead....

    please let me know.

  2. #2
    Join Date
    Nov 2008
    Beans
    158

    Re: automatic entry of gpg passphrase

    bump

  3. #3
    Join Date
    Nov 2006
    Location
    40.31996,-80.607213
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: automatic entry of gpg passphrase

    Why doesn't the --passphrase-file option work? I have never tried it, but it should work if the path to the file is correct, and the permisions are set so you can read the file.
    "Security lies within the user of who runs the system. Think smart, live safe." - Dr Small
    Linux User #441960 | Wiki: DrSmall

  4. #4
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,554
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: automatic entry of gpg passphrase

    Could you provide an example of your command line syntax and provide the permissions (ls -la) of the passphrase file?

  5. #5
    Join Date
    Nov 2008
    Beans
    158

    Re: automatic entry of gpg passphrase

    this is what i can see enigmail doing by looking at the openpgp console:

    Code:
    /usr/bin/gpg --charset utf8 --passphrase-file /full/path/to/file --batch --no-tty --status-fd 2 -d --use-agent
    i also have the enigmail option "never ask for any passphrase" checked.

    i am still prompted for the passphrase.

    permissions of the passphrase-file are 600 (-rw-------)

  6. #6
    Join Date
    Nov 2008
    Beans
    158

    Re: automatic entry of gpg passphrase

    i think the issue here is seahorse is intercepting the passphrase request from gpg. i have loaded password and encryption settings (system > preferences) and i told it to remember the passphrase and show the icon, etc.

    i tried using enigmail and typed in my passphrase once, and now i see the keys icon down in the notification area, indicating it's remembered my passphrase. so this is kind of along the lines of what gpg option --passphrase-file will do, but not quite.

    i have loaded seahorse (accessories > passwords and encryption keys) and i see, on the passwords tab, that it has my GPG key passphrase remembered there.

    if we can get seahorse to permanently remember my passphrase, that would be acceptable. it would need to remember it after reboots, etc. i see that it has wifi passwords also stored in there, which are remembered after reboots, so perhaps this is possible?

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •