I've been wanting to create a simple web application that would allow me to view certain text files that I've encryped with GnuPG residing on my webserver through any browser remotely.
I've figured that the best way to do this is to set up a login system with user and password (seperate from that to decrypt my private key).
Once I've logged in, the server would attempt to decrypt the encrypted file and request my private key password. I can then prompt the browser for private key pass. Then I'd send the decrypted file back in plaintext (over TLS)
While it would only be me using this setup, I'm thinking that the only way for me to send my password to the GnuPG program is for my server to take the string and then use in in the password prompt of GnuPG. Are there any security implications I should be aware of when piping input in a web form into bash when gpg asks for a password (or any security issues with this entire design).
The entire session would be encrypted with TLS. I would also probably disable the gpg-agent, not that there would be any concurrent users on my private server. The end goal is for me to be able to access my passwords from ZX2C4 pass from any browser.