I've decrypted a file successfully using:
gpg --encrypt --recipient user@company.com myfile.txt
If I run the command below, I'm prompted for a passphrase, and decryption works:
gpg --output decrypted_myfile.txt -decrypt myfile.txt.gpg
I can't seem to get any form of non-interactive decryption working. The closest I've come is:
gpg --decrypt --batch --passphrase MYPASSPHRASE myfile.txt.gpg
This gives me:
gpg: encrypted with 2048-bit RSA key, ID F6CF3C25, created 2016-03-17
"Company_20210316 (Incoming Files) <user@company.com>"
gpg: public key decryption failed: Bad passphrase
gpg: decryption failed: No secret key
Is there a different way to do it?
Having error like: gpg: decryption failed: No secret key simply means that you don't have a private or secret key in your gpg keyring. You may want to check first if gpg -k (same as gpg --list-keys) has a private key there and import it and then trust it,
To add trust, use "1 to 5":
gpg --key-edit <yourKey>
then trust then 5 then `quit
To get your keyID run:
gpg --edit-key <yourKey>
then first line you'll see: Private key available
then two sub-keys on the left of the fist you'll see
sec rsa2048/E7E43C5C844E2917
and the part on a right after slash - will be your <keyID> E7E43C5C844E2917
so, to explicitly export from where it was generated, the key to a file you need to use that like:
gpg --export-secret-keys --armor E7E43C5C844E2917>yourSecretKey.asc
this will create secret key in a file ONLY, unlike if you use keyname in the export call then it will contain more than that.
Then to import use:
gpg --import E7E43C5C844E2917
then check your key in the list updated. Add trust if needed.
Then line to decrypt copied from terminal of my MAC and tested works, w/ no prompt:
gpg --batch --passphrase MyPassphrase -o test.tt7 -d CE.txt.gpg
NOTE that: -d is the same as --decrypt just like -o is the same as --output