--0F1p//8PRICkK4MW
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
I wrote a Perl script (for Unix) to verify and sign pages on my website.
Beware that it doesn't lock memory pages to keep the passphrase from
being swapped to disk.

Find the signature here:

http://jharris.cjb.net/code/check-sigs-and-sign.asc

--=20
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
***@widomaker.com | web: http://jharris.cjb.net/

--0F1p//8PRICkK4MW
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQE9VptySypIl9OdoOMRAnoiAJ9aEdPPrKaHA9EQP9xjyBoodmAG0ACfUMqV
lH+XuNotPK+7bep1D22Qge8=
=vgIq
-----END PGP SIGNATURE-----

--0F1p//8PRICkK4MW--

Hello Anthony,

On Sun, 11 Aug 2002, at 12:24:30 [GMT -0400] your time you wrote in
<mid:***@cp5340>:


AEG> No. You have to run gpg once for each file. You can use a batch
AEG> file with a FOR loop. You can do this on the command line in a *nix
AEG> shell.

AEG> for docfile in `ls *.doc`; do gpg --detach-sign $docfile; done

Thanks! I have no Unix box so that leaves me SOL.

- --
Best regards,

Greg Strong
TB! v1.62/Beta1 on Windows 98

PGP public keys:
mailto:***@gwstrong.com?subject=0xB1FE63FA&Body=Please20send20keys

Hello Ryan,

On Thu, 15 Aug 2002, at 10:36:52 [GMT -0500] your time you wrote in
<mid:***@mail.bai.org>:


RM> Not hardly... The equivalent Windows NT/2000 syntax would be:

RM> FOR %f IN (*.doc) DO gpg --detach-sign %f

This works but asks for passphrase each time.

When I export both public & secret key to another public & secret key
ring. I also remove the passphrase on the key. I then create a new
option file for GPGshell which points to new public & secret key rings,
then select the new option file, the above command works fine (i.e.
signs multiple files).

RM> Of course, you might want to pass your passphrase automatically to
RM> gpg using a pipe, like so: FOR %f IN (*.txt) DO echo
^^^
should be doc?
RM> passphrase|gpg --passphrase-fd 0 --detach-sign %f

This would be nice because I wouldn't have to remove passphrase & create
separate key rings. The command never asked for my passphrase. When
using a pipe doesn't the program have to ask for passphrase once. I am
on Win98, so is this command compatible with Win98? If no and on Win2k
wouldn't I still have to provide passphrase at least once?

RM> This works when typed directly on the command line, but for some
RM> reason, you have you use double for percent signs in front of the
RM> variable name in a windows batch file.

No problem but I need to get working on command line first. According to
gpg.man file:


--passphrase-fd n
Read the passphrase from file descriptor n. If
you use 0 for n, the passphrase will be read
from stdin. This can only be used if only
one passphrase is supplied. Don't use this
option if you can avoid it.

I am no programmer but do enjoy learning, so my question is what is
stdin? Is this some temporary file on Win2k or NT machine where the
passphrase is stored?

TIA!

- --
Best regards,

Greg Strong
TB! v1.62/Beta1 on Windows 98

PGP public keys:
mailto:***@gwstrong.com?subject=0xB1FE63FA&Body=Please20send20keys

Hello Ryan,

On Thu, 15 Aug 2002, at 14:30:53 [GMT -0500] your time you wrote in
<mid:***@mail.bai.org>:


RM> I believe the FOR command works in the Win9x command interpreter as
RM> well, but I don't remember for sure. I've been using almost
RM> exclusively NT/2000/XP since 1996 - much more stable.

I checked the DOS 5.0 manual and the FOR command is in it. I would
imagine the FOR command works in Win98. It has to because the 1st
command line you gave worked. It has to do with this part:

echo passphrase|gpg --passphrase-fd 0 --detach-sign %f


When I type the full command in the output in Win98 DOS box is the
following:

D:\Email02>echo PASSPHRASE
PASSPHRASE

It appears gpg is NOT running. It is simply echoing the word
"PASSPHRASE" in the command. I think it has to do with how we are trying
to capture the password with the "echo" command.


So I tried the following command:

FOR %f IN (*.doc) DO gpg --passphrase-fd 0 --detach-sign %f

Now the passphrase is not asked for but gpg is looking for it in the
file descriptor 0. See output below:

D:\Email02>gpg --passphrase-fd 0 --detach-sign MON106.DOC
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
Reading passphrase from file descriptor 0 ...

It is doing this for every *.doc file in the directory. So what command
has to be included so that gpg asks and stores the password in file
descriptor 0 for the subsequent files.

RM> The problem with providing the passphrase via pipe is that it is
RM> plainly visible on screen when you type it on the command line. It
RM> would probably be best to set this up as a batch file that takes the
RM> passphrase as a parameter, and then puts it into the FOR command.
RM> Or, better yet, write a Windows Scripting Host file (wither VBscript
RM> or Jscript) that reads the user password in a secure fashion;
RM> windows scripting is not too difficult a thing to pick up.

I like to do things in steps. Obviously there is a problem, but what.
When attempting to figure out I think about section 4.14, "How can I use
GnuPG in an automated environment" in the GPG FAQ.txt file. I already
have multiple signing with your 1st command looking at separate key
rings with no password on the key. So this all maybe a mute point.
RM> This is a feature that shows the UNIX & CP/M roots of the DOS
RM> command shell (although there is no DOS in Windows NT/2000/XP, the
RM> command interface is very similar). Stdin is "standard input", the
RM> primary means of user interaction, usually the keyboard. There is
RM> also stdout, which is usually the console, and stderr, which is also
RM> usually the console. However, any of these can be redirected to
RM> something else, like files or even other programs. This is what the
RM> pipe (|) operator does in the command line I gave you: it makes the
RM> output of "echo" the standard in (i.e. keyboard) for gpg; which is
RM> looking for the passphrase on its stdin.

Thanks, good to know.

RM> As another example, the > operator on the command line makes stdout
RM> a file. Try: echo "Howdy partner" > howdy.txt And look at the
RM> resulting file.

I've used the > operator to re-direct to a text file in the past.

Thanks for the help.

- --
Best regards,

Greg Strong
TB! v1.62/Beta1 on Windows 98

PGP public keys:
mailto:***@gwstrong.com?subject=0xB1FE63FA&Body=Please20send20keys

Hello Mark,

On Fri, 16 Aug 2002, at 08:48:00 [GMT -0500 (EST)] your time you wrote
in <mid:Pine.LNX.4.33.0208160840500.13457-***@mhw.ULib.IUPUI.Edu>:


MHW> FOR has been around in Microsoft OSes for a long time, but bear in
MHW> mind that COMMAND.COM (DOS, Win/DOS) and CMD.EXE (NT) are different
MHW> command interpreters. There's a lot of stuff in CMD that's missing
MHW> or different in COMMAND. So stuff that works on NT may not work on
MHW> Win9x/ME.

Unless I've made a mistake with Ryan's 2nd command line syntax
suggestion, it is starting to look like it does NOT work on Win98. With
Ryan's 1st command line syntax with section 4.14 suggestion in the GPG
FAQ.txt file I can create multiple detached signature files with one
command.

Thanks for the info from both you and Ryan.

- --
Best regards,

Greg Strong
TB! v1.62/Beta1 on Windows 98

PGP public keys:
mailto:***@gwstrong.com?subject=0xB1FE63FA&Body=Please20send20keys