LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-30-2014, 11:52 PM   #1
Mesopotamia
LQ Newbie
 
Registered: Mar 2014
Posts: 3

Rep: Reputation: Disabled
Verifying Passphrase in GPG


Hi all,

I've written a script which creates an encrypted file from a plain text file using the following string:

Code:
gpg --passphrase supersecretpassword --cipher-algo AES256 --symmetric ~/password.txt
I've also written a script which decrypt the same file using the following:

Code:
gpg --batch --yes --passphrase supersecretpassword -o password.txt -d password.gpg &> /dev/null
The scripting language I used is bash!

My problem here as that I want the script to throw an error when the entered passprhase (i.e the passphrase is entered manually) is wrong.

I have no idea how I could get gpg to do the following:

Code:
if [ passphrase is wrong ]
then 
     quit the script!
else
     continue the script!
It would be appreciated if someone who's experienced with GPG could shed some light of how do it!

Thanks
 
Old 03-31-2014, 12:42 AM   #2
evo2
LQ Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and Scientific Linux
Posts: 5,753

Rep: Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288
Hi,

the did you check the exit code? Ie the value of $? after running gpg? Eg
Code:
gpg --batch --yes ....
if [ "$?" != "0" ] ; then
  echo "Error running gpg!"
else
  echo "Ok."
fi
Evo2.

PS.
As an aside, from the gpg man page:
Code:
      --passphrase string
              Use  string as the passphrase. This can only be used if only one passphrase is
              supplied. Obviously, this is of very questionable  security  on  a  multi-user
              system. Don't use this option if you can avoid it.
 
Old 03-31-2014, 04:33 PM   #3
Mesopotamia
LQ Newbie
 
Registered: Mar 2014
Posts: 3

Original Poster
Rep: Reputation: Disabled
Thank you very much Evo2! It worked!
 
Old 03-31-2014, 05:52 PM   #4
evo2
LQ Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and Scientific Linux
Posts: 5,753

Rep: Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288
Hi,
Quote:
Originally Posted by Mesopotamia View Post
Thank you very much Evo2! It worked!
Glad it worked.

However please note that what you are doing is quite insecure: any process running on your system will be able to see your passphrase. It is usually better to use something like gpg-agent or whatever keyring manager your desktop environment uses.

Cheers,

Evo2.
 
Old 03-31-2014, 05:54 PM   #5
Mesopotamia
LQ Newbie
 
Registered: Mar 2014
Posts: 3

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by evo2 View Post
Hi,

Glad it worked.

However please note that what you are doing is quite insecure: any process running on your system will be able to see your passphrase. It is usually better to use something like gpg-agent or whatever keyring manager your desktop environment uses.

Cheers,

Evo2.
Yep, I understand the risk associated with that

Cheers
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] gpg decrypt without using passphrase ilesterg Linux - Security 7 09-30-2013 10:20 PM
verifying keys with GPG entz Linux - Security 2 06-28-2011 08:39 PM
gpg --passphrase goes interactive with v1.1.8-4.fc13 bvn Linux - Security 1 08-06-2010 06:53 AM
How is the passphrase exactly used when dealing with GPG keys? abefroman Linux - Security 3 10-15-2009 01:30 AM
GPG with out passphrase option for decryption vjayraghavan Linux - Newbie 1 07-01-2009 10:12 AM


All times are GMT -5. The time now is 02:29 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration