batch automation for GPG2 v >= 2.1? how to implement per-user passphrase & multipl-subkeys?
grantksupport at operamail.com
grantksupport at operamail.com
Wed Nov 19 18:30:01 CET 2014
I'm working with GPG 2.1.0
gpg2 --version
gpg (GnuPG) 2.1.0
libgcrypt 1.6.2
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
I need to create master keys + multiple subkeys for ~1000 users.
Each user's keys' config (usage, algo, size) will be:
master (sign, cert) RSA/4096
sub1 (sign only) ECDH/2048
sub2 (encrypt only) ECDH/2048
sub3 (auth only) RSA/2048
unattended/batch operation is the intended approach.
However, IIUC,
(1) passphrase can no longer be passed in GPG2 v>= 2.1
(2) only one sub-key can be generated in batch processing
is that correct?
What's an effective/efficient approach for mass generation, allowing for
full automation
per-user passphrase entry
and,
multiple sub-key generation
?
More information about the Gnupg-devel
mailing list