'Suppress the passphrase prompt in GPG command

Edited Version

I have a question about GPG, but I write all of the process, maybe it will help someone.

I want to: Suppress the passphrase prompt in GPG command. I don't want to: use -c option (--symmetric).

I have 2 systems Linux and Windows. I want to send the data from Linux to Windows. I want to encrypt the data in Linux and decrypt in Windows.

  • myFileOnLinux.txt is a file on Linux that I want to encrypt.
  • [email protected] the UID of pair key.
  • myPasswordPhrase is the password phrase.

I installed GPG on both and did the steps:

  1. Generate a pair key in Windows: 

    gpg --gen-key

  2. Change the key parameter in Windows: 

    gpg --edit-key [email protected]

    trust
5
expire
0

  3. Export the public keys:

    gpg -a --export [email protected] > public.key

  4. Send the public key to the Linux machine.

  5. Import the public key in Linux.

    gpg --import public.key

  6. Change the trust parameter in Linux

    gpg --edit-key [email protected]

    trust
5

  7. Encrypt a file in Linux

    gpg --output output.enc --encrypt --recipient [email protected] myFileOnLinux.txt

  8. Send the encrypted file to Windows.

  9. Decrypt the file.

    gpg --batch --passphrase "myPasswordPhrase" -d -o test.dec output.enc

In Windows with a popup window it asked me the Passphrase again. How can I avoid it?

promptgnupgpassphrase


Solution 1:[1]

gpg --batch --import sec.key
gpg -d --batch --passphrase mypassphrase encrypted_file.gpg

the --batch flag supresses the passphrase prompt while importing keys as well as while decrypting the files.

Solution 2:[2]

If you want to use symmetric keys (-c option) then you just need to add the --quiet and --batch flags.

Here is a full working example:

gpg --symmetric --cipher-algo AES256 --passphrase mySuperCoolPassphrase --quiet file_to_encrypt.tftpl

github also has a working example of this which they use to decrypt the file in an automation https://docs.github.com/en/actions/security-guides/encrypted-secrets#limits-for-secrets

UPDATE

There is an issue with gpg decryption that made me think twice about using it in production. (Basically it hangs indefinitely unless you manually tinker with it) so I've decided to go with https://github.com/FiloSottile/age instead as it is simple to use, highly rated, and seems very reliable

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Jenison Gracious
Solution 2

Related Questions