gpg2 --passphrase-fd causing wrong encryption

I’m encrypting files for the Finnish Customs authority with their provided public key.

It seems like this option breaks the encryption, in some cases: When using the Finnish Customs’ public key, they cannot decrypt the file. When I use my personal key, I can decrypt with Kleopatra.
However, if I remove the “–passphrase-fd 0” option, they can successfully decrypt the file.

I use these command lines, the first generates an undecryptable file, the last generates a decryptable file:

gpg2 --homedir c:\Users\Peter\AppData\Roaming\gnupg\ –keyring c:\Users\Peter\AppData\Roaming\gnupg\pubring.gpg --passphrase-fd 0 --trust-model always --no-verbose --batch --recipient “” --encrypt < “.\IntrastatReport_Intrastat.txt” > “.\IntrastatReport_Intrastat.txt.gpg2-test2.asc”

gpg2 --homedir c:\Users\Peter\AppData\Roaming\gnupg\ –keyring c:\Users\Peter\AppData\Roaming\gnupg\pubring.gpg --trust-model always --no-verbose --batch --recipient “” --encrypt < “.\IntrastatReport_Intrastat.txt” > “.\IntrastatReport_Intrastat.txt.gpg2-test3.asc”

Can anyone repeat this?

I realize that using “–passphrase-fd 0” collides with using standard input and output for data in and out, but encryption-only should ignore the --passphrase-fd option, shouldn’t it?


Try to reproduce this with a key that is known to developers, e.g. the test keys coming with a source distribution of gnupg.

Maybe there is a message coming if you use this key and then it collides with stdout. (Just an idea).

No problem, but which key? Someone, preferably on this list or on the that has the private key and can test decryption.

I found these sample keys, are there more?

I have tried without redirecting output and there is nothing extra in the output.
The troublesome key in question is the Finnish Customs Authority’s public key, which is a 1024-bit DSA key, valid forever.