[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [ANNOUNCE] experiemental dpkg available



Ben Collins wrote:
>On Thu, Oct 28, 1999 at 04:31:51PM +1300, Michael Beattie wrote:
>> [snip cool stuff]
>> > 
>> > Known problems, each .deb signed requires you to enter your passphrase
>> > twice (once for each member), which get's really old after the second or
>> > third package. Any help with getting around this would be nice.
>> ...
>> I know its something that is probably a security risk, but is it possible
>> to do something similar to ssh-agent?

>It probably would, which isn't all that insecure. Question is, some one
>needs to do it and send the patch to GPG. The alternative is gpg accepts a
>--fd-??? option that let's you tell it which fd to check for the
>passphrase, a forked process could then feed it to that fd repeatedly
>until killed.

I thought, GPG doesn't have this?  While looking at how to put it
in, I found it already does and it works fine.  It's just not in
the docs yet.

gpg --encrypt <test >test.encrypted

{
 echo password | gpg --decrypt --passphrase-fd=7 7<&0 0<&8
} <test.encrypted 8<&0 >test.decrypted

md5sum test test.decrypted

334c0659822d59433e7367ad32f6f246  test
334c0659822d59433e7367ad32f6f246  test.decrypted

Eric


Reply to: