Encryption files with GPG without user intervention (batch)

I usually encrypt files with GPG with symmetric algorithms when I have to transmit files over insecure channel: for example I encrypt backup files stored at my USB stick and I’m sure that if it’s stolen or lost my files are in safety.

Encryption without user intervention can be used when you wish to perform automatic (runs with cron) backup procedure and protect backup files.

To encrypt file /tmp/file.tgz by symmetric AES algorithm (256 is a key lenght) with one command please use the following command:

echo password | gpg --batch -q --passphrase-fd 0 --cipher-algo AES256 -c /tmp/file.tgz

Previous command will create file.tgz.gpg that can be extracted automatically by next one:

echo password | gpg --batch -q -o /tmp/file.tgz --passphrase-fd 0 --decrypt /tmp/file.tgz.gpg


Stefan Durand

My name is Stefan, I'm the admin of LinuxScrew. I am a full-time Linux/Unix sysadmin, a hobby Python programmer, and a part-time blogger. I post useful guides, tips, and tutorials on common Linux and Programming issues. Feel free to reach out in the comment section.

4 thoughts on “Encryption files with GPG without user intervention (batch)”

  1. wow that blew out some of the text

    Take a look at that link though. You don’t have to put the password in the clear.

  2. re: Alex’s comment regardiing using the password in the clear.
    The password is only stored locally, not transmitted. The original files are also stored locally. Anyone who has access to the password also has access to the original files that are being backed up. I don’t see any security risk as long as the password is only used for backup.

    Excellent article. Thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *