Automatic GPG decoding in crontab enviroment |
I have data recieved from ftp, which is encoded using GnuPG software.
To get files nightly, I used cron task scheduler. But there were problem when decoding gpg files (when ran shell script, everything went ok, but when cron initialised, no decryption were done). This is a shell script:
gpgdir=/path/to/recieved/gpg/files/
for i in `find $gpgdir -name '*.gpg' -type f -maxdepth 1` ; do
echo 'thepassword' | /usr/bin/gpg --passphrase-fd 0 -o ${i%.*} -d $i
done
As you can see, script finds all *.gpg files in given directory, then passes file by file to gpg to decode files. But it does not work when executed with cron.
After some debugging, found such error:
gpg: fatal: cannot open /dev/tty
So, gpg tries to open tty, but in cron enviroment there is no access to tty. So found out switch to gpg --no-tty.This is the final, working excerpt from my script:
gpgdir=/path/to/recieved/gpg/files/
for i in `find $gpgdir -name '*.gpg' -type f -maxdepth 1` ; do
echo 'thepassword' | /usr/bin/gpg --no-tty --passphrase-fd 0 -o ${i%.*} -d $i
done
P.S. Echoeing password through pipe to give it as parameter to gpg is not secure, if your server is accesed by other users. At good timing, user can get your password. As my server accessed only in trusted LAN, and no other users use shell, I've made that method.