signing keys in batch mode

Werner Koch wk at
Wed May 21 17:01:01 CEST 2003

On Tue, 20 May 2003 10:31:16 +0100, Noel D Torres Taño said:

> And none of them works: all of them still waits for me to introduce "y"
> and "johndoe1key".

gpg takes input to the command from from /dev/tty.  This is so that
you can still use gpg in a pipe.  ssh for example does it the same

You can either use expect (1) to simlate a tty or the options

  gpg --command-fd 0 --status-fd 2 [...]

This takes the prompt input from stdin after printing a prompt status
to stderr.  The correct way to handle this is by parsing the status
message.  However, if you use a specific version of gpg and you know
that all your keys are similar, you can use canned answers and send
them to stdin.  This is what the old GPA did for key management - of
course this caused problems with later gpg versions.



  Nonviolence is the greatest force at the disposal of
  mankind. It is mightier than the mightiest weapon of
  destruction devised by the ingenuity of man. -Gandhi

More information about the Gnupg-devel mailing list