[CentOS] gpg command works fine from login shell, not from cron script

Sean Carolan scarolan at gmail.com
Mon Oct 19 19:46:48 UTC 2009

I have an odd situation here, maybe one of you can help.  We have a
script that runs via a cron job.  Its purpose is to decrypt
PGP-encrypted files in a certain directory.  I have tried the command
two different ways, both fail with the same error message:

gpg --decrypt $file > ${file%.txt}.decrypted.txt
gpg --output ${file%.txt}.decrypted.txt --decrypt $file

(Don't even ask about the name substitution.  The end-user insists
they MUST submit files with a .txt extension, and not .pgp or .gpg)

Anyway, I can run the script fine from a login shell.  It works
beautifully.  But when it runs from a cron job two things happen:

1.  A file of zero size is created called file.decrypted.txt
2.  The error message in the cron email I get says:

gpg: encrypted with ELG-E key, ID XXXXXXXX
gpg: decryption failed: secret key not available

Why does it say "secret key not available"?  The output of gpg -K
shows that the key is in fact available, and this is further confirmed
when I run the script manually and the files are decrypted just fine.
