I tried all methods to preset the passphase or standard input redirection so my gpg decryption will work and bypass the pinentry dialog, but all ways do not work. The pinentry still prompt for passphase. What can I do to automate the process and bypass the pinentry prompt?
I’m using the latest gnu4win programs.
gpg-connect-agent PRESET_PASSPHRASE [HEX 40-DIGITS KEYID] -1 [HEX VALUE PASSPHASE]
gpg-preset-passphrase --preset -P [HEX VALUE PASSPHASE] [HEX 40-DIGITS KEYID]
gpg command still prompt for pinentry
gpg -v --batch --yes -u “BL_PIP firstname.lastname@example.org” -d -o “[OUTPUT FILE]” “[ENCRYPTEDFILE]”
Tried echo the passphase int standard input
echo [ascci passphase]| gpg -v --batch --yes --passphrase-fd 0 -u “[LOCAL USER]” -d -o “[OUTPUT FILE]” “[ENCRYPTEDFILE]”
Tried passphase file redirect to standard input
gpg -v --batch --yes --passphrase-fd 0 -u “[LOCAL USER]” -d -o “[OUTPUT FILE]” “[ENCRYPTEDFILE]” < [PASSPHASE FILE]
Tried passphase as parameter
gpg --batch --yes --passphrase [ascci passphase] -u “[LOCAL USER]” -d -o “[OUTPUT FILE]” “[ENCRYPTEDFILE]”
please take a look at
Maybe removing the passphrase altogether or using the loopback mode works
for your use-case.
Presetting the passphrase should work, though.
just gave gpg-preset-passphrase a spin to see what might have gone wrong
and I have an idea: Maybe you had the wrong keygrip (and used the keyid instead, which won’t work, but will not give a warning).
See the documentation how to find the right keygrip.
And note that you have to give gpg-agent an option to allow gpg-preset-passphrase to work.
I’ve added both hints to the wiki page mentioned in my last reply.
Thanks for using Gpg4win and thanks that many of you set a reasonable price
when paying for it!
Thank you Bernhard for your reply.
Sorry about saying KEYID, I followed this forum https://lists.gnupg.org/pipermail/gnupg-users/2010-January/037876.html to get the keygrip (essentially fingerprint). I’ve added the allow-preset-passphase in the pgp-agent.conf in C:\Users\userid\AppData\Roaming\gnupg
I rather not remove the passphase if I could.
when using the steps I’ve outlined, it worked for me with Gpg4win 3.0.3.
The old instructions from 2010 might be slightly different from what has to be done today.
(Note that it is
My recommendation is that you recheck everything, maybe actually try the keygrip.
If the script with the presetting command is on your machine, then an attacker could gain access to the passphrase for the private key. If that is the case, there is no security gain in keeping a passphrase on the secret key itself.
Ethan I have an issue similar to this one and I’ve oppened a new thread because it’s not exactly the same. In my case I just cannot find configuration file after GPG4win installation.
If the config file is not there, just create it.
What is the command syntax to get the keygrip?
gpg --list-keys --with-keygrip WHICH
with WHICH specfiying the pubkeys you would want to list.