'suppress warning messages in gnupg
I was using gpg to just for encryption and decryption purpose.
the commands I used are:
for enc:
gpg --sign test
for dec:
gpg --decrypt test.gpg > test
but I am getting below warning messages :
gpg: Signature made Fri Jun 24 17:29:00 2016 UTC using RSA key ID XXXX
gpg: Good signature from "[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
off course I have tried with
--status-fd, --no-comment, --no-mdc-warning,--no-tty ,--no-verbose --quiet --batch, --no-greeting etc based on Internet search.
Is there a way to get rid off these warning messages ?
As a last option, I am using How to hide command output in bash
But I think there should be an easy method to suppress warning in gpg.
Solution 1:[1]
but I am getting below warning messages :
gpg: Signature made Fri Jun 24 17:29:00 2016 UTC using RSA key ID XXXX gpg: Good signature from "[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner.
The first two lines are not actually a warning message, but just inform you of a correct signature (the file you decrypted was not only encrypted, but also signed). The last two messages indicate that the signing key could not be verified.
Do not simply discard all output to stderr, as this hides actual problems and errors! Instead of simply suppressing all warning and error messages, better consider this individual message. The issue is that the key cannot be validated, ie. no trust path can be established. Given you verified the key (are sure about the owner), best solution would be to issue a certification. Open the GnuPG key editing command line:
gpg --edit-key [key-id]
and then certify the key using the sign command. You could also lsign (locally sign) the key if you want to be sure the certification will not leave your computer.
Alternatively (and only use this for testing environments or if you're otherwise sure about having the key verified, or definitely do not have to care about where the message came from) you could apply the --trust-model always option.
Solution 2:[2]
This question was asked a few years ago, but these days gpg does have a --quiet (or -q) switch. So commands like gpg --decrypt --quiet <filename> work.
The man page has details, and I've confirmed it works with gpg 2.2.x.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Jens Erat |
| Solution 2 | sigint |