Joe Jung · Jan 26

How to encrypt and sign files

Currently running Ensemble on Red Hat Enterprise Linux Server release 7.7

One of our clients is requesting files sent to their SFTP site be encrypted with their PGP public key and digitally signed with our PGP private key

We have created a custom class that includes the following command to encrypt the files

if (pAction = "Encrypt") {
// Find the Key ID from the Keyname
set tKeyId = ..GPGKeyLookup(pKeyName, ..#PUBLICKEYLUT)
set tCmdLine = "gpg --homedir "_pGPGhomedir_" --always-trust -r """_tKeyId_""" -o "_pOutFileName_" -e "_pInFileName
// Execute the command to generate the output file
write !,"Calling command: "_tCmdLine
do ##class(JMH.Utils.Utilities).RunCmdLine(pWorkarea, tCmdLine, .tOutput)
write !,"tOutput: "_tOutput

We want to update the gpg command to digitally sign the encrypted file

Would appreciate any suggestions on how to edit the gpg command to digitally sign a file


Product version: Ensemble 2018.1
0 107
Discussion (2)1
Log in or sign up to continue

Assuming you need a detached signature:

gpg --local-user [fingerprint] --sign --armor --output somefile.tar.xz.asc --detach-sig somefile.tar.xz

Copied from Stack.


I tried running running your command from my LInux server

gpg --homedir /hs-connect/gpg --local-user 77720646  --sign --armor --output test.txt.bak --detach-sig test.txt gpg

the following was returned

gpg: can't connect to the agent: IPC connect call failed
gpg: problem with the agent: No agent running
gpg: skipped "62D20646": Operation cancelled
gpg: signing failed: Operation cancelled