Eric F Crist wrote: > On Nov 12, 2008, at 5:59 AM, Jon Schewe wrote: > >> I've got an old gpg key that I'd like to revoke, but forgot the whole >> password and didn't keep a revocation cert around. Anyone have any >> suggestions for an automated way to try a sequence of passwords against >> gpg and figure out which one it is? I remember portions of the password >> so I can narrow it down to about 1000 attempts. >> >> Thanks. > > > Simple shell script with a while loop would do the trick. If you have > something you encrypted, simply run a command to decrypt that file, > trying all the possible passphrases. Check the exit code for gpg > after each run. When you get a 0, you've found your code. I started down that path this morning, however I can't seem to figure out how to automate passing the password to gpg. I figured I'd use expect, but gpg *always* uses pinentry, so I loose the ability to use stdin/stdout to communicate the password with gpg. -- Jon Schewe | http://mtu.net/~jpschewe If you see an attachment named signature.asc, this is my digital signature. See http://www.gnupg.org for more information. For I am convinced that neither death nor life, neither angels nor demons, neither the present nor the future, nor any powers, neither height nor depth, nor anything else in all creation, will be able to separate us from the love of God that is in Christ Jesus our Lord. - Romans 8:38-39