Page MenuHome GnuPG

some possible minor things in the manpage
Closed, ResolvedPublic

Description

Hey.

--passphrase-fd n
       Read  the passphrase from file descriptor n. Only the first line
       will be read from file descriptor n. If you use  0  for  n,  the
       passphrase  will  be  read  from STDIN. This can only be used if
       only one passphrase is supplied.

       Note that since Version 2.0 this passphrase is only used if  the
       option  --batch  has  also  been  given.  Since  Version 2.1 the
       --pinentry-mode also needs to be set to loopback.

However it seems that despite of version 2.2.27, --pinentry-mode loopback is not needed and it still works for me with e.g.:
gpg --quiet --no-verbose --no-greeting --batch --no-options --no-random-seed-file --no-default-keyring --keyring /dev/null --no-keyring --trustdb-name /dev/null --disable-dirmngr --passphrase-fd 0 --pinentry-mode loopback --no-symkey-cache --decrypt

--no-default-keyring
       Do not add the default keyrings to the list  of  keyrings.  Note
       that  GnuPG will not operate without any keyrings, so if you use
       this option and do not provide alternate keyrings via  --keyring
       or  --secret-keyring, then GnuPG will still use the default pub‐
       lic or secret keyrings.

First, AFAIU --secret-keyring is obsolete? Second, this is a bit ambiguous, it says without alternative --keyring it would still use the default keyring,.. but is this also the case when --no-keyring is used?

In past times I had to use --no-default-keyring --keyring /dev/null --secret-keyring /dev/null... my understanding was that now a simple --no-keyring would be enough?

Cheers,
Chris.

Event Timeline

Yes, --no-keyring should enough for the subset of gpg commands which do not need keys.

werner claimed this task.

Hey.

The changes do not seem to touch anything I've mentoned in (1)?

And for (2)... TBH, I think it's still not really clear. It now says:
"no-default-keyring
Do not add the default keyring to the list of keyrings. Note that
GnuPG needs for almost all operations a keyring. Thus if you use this
option and do not provide alternate keyrings via @option{--keyring},
then GnuPG will still use the default keyring."

There's still no mentioning that --no-keyring would really cause it to not "still use the default keyring" in "almost operations".

@werner shall I open a new ticket for the remaining stuff?

Please don't, if you really feel like tha tis not resolved please re-open this ticket.

Well, as I've said in the comment above, there doesn't seem to be any correction towarads --passphrase-fd not requiring --pinentry-mode loopback (still works withou)... and --no-default-keyring still gives the impression that it would be needed (while --no-keyring works as well).