I'm trying to script a gpg decryption, and as such need to provide the password on the command line. According to the man page, there are three ways to do this: read from a file using --passphrase-file
, read from stdin (or another file descriptor) using --passphrase-fd 0
, or include in the command line using just --passphrase
. All of the above also require --batch
to be set, which I did.
My most recent command line attempt is:
echo "<password>" | gpg2 --no-tty --batch --passphrase-fd 0 -d -o /<path_to_destination>/$FILE_NAME $FILE
which still pops up a dialog asking for the password. What am I missing here? For reference, if it makes a difference, my password does include some special characters like &
, but it doesn't appear to complain about that. Also, gpg version is 2.1.9:
# gpg2 --version
gpg (GnuPG) 2.1.9
libgcrypt 1.7.1
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
EDIT: Unlike How to force GPG to use console-mode pinentry to prompt for passwords?, which is simply trying to get a text-based password entry for use in a SSH session, I'm trying to get a completely non-interactive method of using GPG for use in scripting.
--no-use-agent
flag--passphrase
options it was ignoring it and popping up the gui agent, suppressing the agent made the passphrase options all work. Looked like the same answer should've worked, must be too different with the newer version of gpg. Especially since the answer's different, I guess it's not really a duplicate