You are not logged in.
Pages: 1
Good day,
I have a scripte that I'm working on that will rsync a bunch of files and dirs into a temp folder. Then it is supposed to tar the temp dir, encrypt it using gpg, and copy it to my dropbox before erasing all the temp material.
The script hits an error at the gpg portion. If I type "gpg --encrypt --recipient USER /path/to/my/dir.tar.gz" into the terminal it works. However, inside the script it returns:
gpg: USER: skipped: No public key
gpg: /path/to/my/dir.tar.gz: encryption failed: No public key
I've even tried setting "gpg --encrypt --recipient USER /path/to/my/dir.tar.gz" as a bash alias, which will work alone in the terminal but in the script is comes back as command unknown.
Is this a problem as a result of this script being run outside of the scope of where the public key is? I know where the public key is stored on in my system.
Offline
Are you using the same user for both tests? I mean: terminal and script? Keep in mind that GnuPG keyring is per–user.
Unrelated to your problem: it's worth signing (--sign) the package too.
Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
Yes I am using the same user. Why is signing an issue?
Thanks for answering
Offline
Yes I am using the same user.
What happens when you call gpg2 --list-keys from within the script? Does it print the proper location of the keyring (should be at the top)? Does gpg2 --list-keys YOUR_KEY list your key?
Why is signing an issue?
You're sending data via untrusted medium. Encryption protects data from being read, not from being written. The latter is covered by signing, so you should also sign the package, not only encrypt it. Until you don't care about the adversary modifying contents, of course, but this is a rare case for filesets.
Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
Thank you for clarifying the singing issue, I'll look into that afterwards.
As for gpg2 --list-keys, they are listed when I input the command into the terminal, but when inserted into my script nothing shows up. Should it?
Offline
IMHO it should show the key the same way as it shows it in the terminal. And it does for me.
Does --batch option change anything? Shouldn't, but maybe an attempt to read something is the issue. Does using --debug-level or --debug-all provide any useful information?
Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
How are you starting this script? From the command line of your shell, or is it bound to a key or started from a menu someplace?
What shell do you use for your CLI?
Do you have a crunch-bang on the first line of the script that identifies which shell to use for the script: Something like:
#! /usr/bin/bash
I am wondering if the script is not finding itself in the same environment as your cli shell. In other words, are your shell and your script sourcing the same configuration?
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline
cribbageSTARSHIP:
One more question: are you sure that the user id is valid? Since you're using it within a script, I suspect that maybe you're performing some operations on it. Possibly GnuPG receives some other parameter for --recipient than expected. Or maybe spaces in an unquoted argument? Anything like that?
*:
By the way:
#!/usr/bin/env bash
instead of
#!/usr/bin/bash
Sometimes I seem a bit harsh — don’t get offended too easily!
Offline
Pages: 1