Failure to decrypt a gpg file using a passphrase within unix


I'm trying to decrypt a file using the following command within a unix shell prompt:

    gpg --passphrase-file /path/to/passphrase/file --output /path/to/output/dir/full_db_restore --decrypt full_db_backup_current.tar.gpg

I get the following error when running the command above:

    gpg: 3DES encrypted data
    gpg: problem with the agent: No pinentry
    gpg: encrypted with 1 passphrase
    gpg: decryption failed: No secret key

I have verified that pinentry is installed. I'm not sure if pinentry is the issue. I have a feeling it might be with the "No secret key" error. Any help would be appreciated.

James P.

Posted 2011-05-03T14:53:22.113


Good question, but I think it should be moved to superuser, because that's not a programming-related question. – Heisenbug – 2011-05-03T14:56:00.790



I've discovered a solution to this.

    /usr/bin/gpg --no-tty --batch --passphrase-file /path/to/passphrase/file --output \
    /path/to/output/dir/full_db_restore --decrypt full_db_backup_current.tar.gpg

The only difference is that I've added the --no-tty and --batch options. After logging onto my unix server, I switch users from userA to userB. I'm assuming that because I switch users, there was an error. I'm not sure if this is the right solution, as the options mentioned above are used when calling the command from a shell script. Any additional information would be greatly appreciated. Thanks in advance.


Posted 2011-05-03T14:53:22.113

Reputation: 21


You must use this command:

    gpg --batch --passphrase-fd 1 --passphrase-file /path/to/passphrase/file \
    --output /path/to/output/dir/full_db_restore full_db_backup_current.tar.gpg

--batch: is used in scripts for non-interactive mode (no asking);

--passphrase-fd 1 together with --passphrase-file: to read the passphrase from a file.

If you use only --passphrase-file on *nix it will not work.

Good luck.

Fernando Augusto

Posted 2011-05-03T14:53:22.113

Reputation: 21
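
Added example, not from either poster: a POSIX sh wrapper for the non-interactive decryption discussed in the answers above. It refuses a passphrase file that is group- or world-accessible and picks the batch options by GnuPG version, on the assumption (from the gpg manual) that since GnuPG 2.1 `--passphrase-file` also needs `--pinentry-mode loopback`. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: non-interactive symmetric decryption with a passphrase file.
# Function names are hypothetical; paths are supplied by the caller.

# Succeed only if $1 is a regular file with no group/other permission
# bits set (for example mode 600 or 400).
passfile_is_private() {
    [ -f "$1" ] || return 1
    # Characters 5-10 of the mode string are the group and other bits.
    perms=$(ls -ldL -- "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Print the options needed for gpg to honour --passphrase-file without
# a pinentry prompt. $1 is the first line of `gpg --version`,
# e.g. "gpg (GnuPG) 2.2.27".
batch_opts_for() {
    ver=${1##* }          # last word, e.g. "2.2.27"
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    opts="--batch --no-tty"
    # Assumption from the gpg manual: 2.1 and later also need loopback
    # pinentry; 1.4 and 2.0 do not know the option at all.
    if [ "$major" -gt 2 ] || { [ "$major" -eq 2 ] && [ "$minor" -ge 1 ]; }; then
        opts="$opts --pinentry-mode loopback"
    fi
    printf '%s\n' "$opts"
}

# usage: decrypt_backup PASSFILE INPUT OUTPUT
decrypt_backup() {
    if ! passfile_is_private "$1"; then
        echo "refusing: $1 is missing or group/world accessible" >&2
        return 2
    fi
    first=$(gpg --version | head -n 1) || return 3
    # umask 077 keeps the restored plaintext private to the calling user.
    # Word splitting of the option string is intended.
    ( umask 077
      gpg $(batch_opts_for "$first") --passphrase-file "$1" \
          --output "$3" --decrypt "$2" )
}
```

Call it as `decrypt_backup /path/to/passphrase/file full_db_backup_current.tar.gpg /path/to/output/dir/full_db_restore` from the account that owns the passphrase file.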