I tried all methods to preset the passphase or standard input redirection so my gpg decryption will work and bypass the pinentry dialog, but all ways do not work. The pinentry still prompt for passphase. What can I do to automate the process and bypass the pinentry prompt?
I’m using the latest gnu4win programs.
gpg-connect-agent PRESET_PASSPHRASE [HEX 40-DIGITS KEYID] -1 [HEX VALUE PASSPHASE]
or
gpg-preset-passphrase --preset -P [HEX VALUE PASSPHASE] [HEX 40-DIGITS KEYID]
gpg command still prompt for pinentry
gpg -v --batch --yes -u “BL_PIP pipadm@biglots.com” -d -o “[OUTPUT FILE]” “[ENCRYPTEDFILE]”
Tried echo the passphase int standard input
echo [ascci passphase]| gpg -v --batch --yes --passphrase-fd 0 -u “[LOCAL USER]” -d -o “[OUTPUT FILE]” “[ENCRYPTEDFILE]”
just gave gpg-preset-passphrase a spin to see what might have gone wrong
and I have an idea: Maybe you had the wrong keygrip (and used the keyid instead, which won’t work, but will not give a warning).
See the documentation how to find the right keygrip.
And note that you have to give gpg-agent an option to allow gpg-preset-passphrase to work.
I’ve added both hints to the wiki page mentioned in my last reply.
Thanks for using Gpg4win and thanks that many of you set a reasonable price
when paying for it!
when using the steps I’ve outlined, it worked for me with Gpg4win 3.0.3.
The old instructions from 2010 might be slightly different from what has to be done today.
(Note that it is gpg-agent.conf not pgp-agent.conf.)
My recommendation is that you recheck everything, maybe actually try the keygrip.
If the script with the presetting command is on your machine, then an attacker could gain access to the passphrase for the private key. If that is the case, there is no security gain in keeping a passphrase on the secret key itself.