-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jon Schewe wrote: > Eric F Crist wrote: >> On Nov 12, 2008, at 5:59 AM, Jon Schewe wrote: >> >>> I've got an old gpg key that I'd like to revoke, but forgot the whole >>> password and didn't keep a revocation cert around. Anyone have any >>> suggestions for an automated way to try a sequence of passwords against >>> gpg and figure out which one it is? I remember portions of the password >>> so I can narrow it down to about 1000 attempts. >>> >>> Thanks. >> >> Simple shell script with a while loop would do the trick. If you have >> something you encrypted, simply run a command to decrypt that file, >> trying all the possible passphrases. Check the exit code for gpg >> after each run. When you get a 0, you've found your code. > I started down that path this morning, however I can't seem to figure > out how to automate passing the password to gpg. I figured I'd use > expect, but gpg *always* uses pinentry, so I loose the ability to use > stdin/stdout to communicate the password with gpg. > There are python and perl modules for GnuPG that allow you to use it programmatically, including passing in a password programmatically. The python module is called GnuPGInterface, it was based on the perl module (by the same author I believe) I can provide you with sample code if you want. Contact me off list. (I pretend to be a python programmer for my day job) - -- Thanks, Josh Paetzel PGP: 8A48 EF36 5E9F 4EDA 5ABC 11B4 26F9 01F1 27AF AECB -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAkka250ACgkQJvkB8SevrsuidQCeK5Wc7bWXr26kk1t9vUjiGUgf Y8gAnAvOvaHWI29BeFqESBMVyifXglxQ =pEfQ -----END PGP SIGNATURE-----