I want to create a script that would automatically encrypt and push to GitHub into public repo some sensible files I don't want to expose (but do want to keep together with the whole project).
As a solution I decided to encrypt them with GPG. The issue is that I can't find any clues on how to encrypt a particular file with a passphrase passed as a CLI argument to a gpg -c
command.
Does anybody know how to do this?
Best Answer
Use one of the
--passphrase-...
options, in batch mode:--passphrase-fd
reads the passphrase from the given file descriptor--passphrase-file
reads the passphrase from the given file--passphrase
uses the given stringThese will all encrypt
file
(intofile.gpg
) usingmysuperpassphrase
.With GPG 2.1 or later, you also need to set the PIN entry mode to “loopback”:
etc.
Decryption can be performed in a similar fashion, using
-d
instead of-c
, and redirecting the output:etc.