Hi,
In command line:
gpgsm -o Outputfile.txt -d InputFile.p7m
I manually have to write passphrase in a pinentry window.
Is it possible in command line to write the “Passphrase” value?
I have search this forum and found interesting information about doing this with
echo YOURpassPHRASE|gpgsm --batch --yes --passphrase-fd 0 -o Outputfile.txt -d InputFile.p7m
I get gpgsm: invalis option “—passphrase-fd”
Is it possible to do this?
We use X.509 certificates.
Thanks!
Hi!
As I copied your line wich states the invalid option argument, I noticed, that in front of the options, there are not two dashes “–”, but one long dash “—”. This may already help.
The “–passphrase-fd n” option reads the passphrase from the file that is located at “n”. So
echo YOURpassPHRASE|gpgsm --batch --yes --passphrase-fd 0 -o Outputfile.txt -d InputFile.p7m
Is just a work around to not save the passphrase into a file. But note, that you have to escape special chracters.
However, it could be that your version is that old, that --passphrase-fd is not implemented. I got a local installation of “gpgsm (GnuPG) 2.2.0” and i have the option installed.
It seems that you are working with or for a company, if you have further questions and issues, please consider consulting our paid and professional support (Gpg4win - Professional Support). If you are just curious, consider a donation (Gpg4win - Donate) to keep up the work at Gpg4win.
Hope my answer helped,
Jochen
Hi,
I have used two dashes “–” see attached file.
I use gpg4win version 2.3.4 downloaded from https://www.gpg4win.org/
I think it is strange that passphrase-fd is not implemented in this version.
Is there another way to do this?
I think it is very strange that this is so difficult. This is something that everyone is interested to do. I hope that you can tell the answer/advice here because it is not only me that is interested in this.
Thanks
Jo
Hi Jo,
note that there are a number of different use case how to enter a passphrase
automatically. (And yes, it should get its own wiki page to have an overview of the answers.)
a) unattended machine, rebootable:
→ use a secret key without passphrase
b) unattended machine, manual reboot:
→ use gpg-preset-passphrase with the agent
Variant of a) and b) to protect the secret key material better:
→ use a hardware crypto token (usb stick or smartcard)
(Currently I’m unsure if there are smartcard without pins for a)).
c) Passphrase is coming from a different code part (e.g. interactively)
→ fullfill the pinentry protocol, so your code is a special pinentry
Hope this helps, asking on gnupg-users@ is another options.
Best,
Bernhard
Ok, thanks Bernhard
… but I don’t understand why passphrase-fd is not implemented here when Jochen have it in an older version…
I actually use the newest version that is packaged in the Release Candidates (https://wiki.gnupg.org/Gpg4win/Testversions)
ok, so passphrase-fd is not working in gpg4win version 2.3.4? I will try the testversion.
I have testet with https://wiki.gnupg.org/Gpg4win/Testversions
and command:
echo YOURpassPHRASE|gpgsm --batch --yes --passphrase-fd 0 -o Outputfile.txt -d InputFile.p7m
Now I don’t get any error regarding “passphrase-fd” 
but I get the pinentry window and have to write the passPhrase. Must I do something more to avoid to write the passPhrase?
Thanks.
I now use Gpg4win 3.0 pre-release versions.
echo YOURpassPHRASE|gpgsm --batch --yes --passphrase-fd 0 -o Outputfile.txt -d InputFile.p7m
I must write Passphrase - ref attached file.
How can I setup this so that I don’t need to write Passphrase in pinentry?
I can’t find any infomation about how to setup this in this new version.
Can you please give some advice?
Thanks
I don’t need Passphrase. Then it’s working. Thanks