Automating gpg

[Dailey,Nancy]

>From David Shaw:
When you follow the automating gpg instructions in the FAQ, you end up
with a special key that does not contain the master key (generally a
sign-only key).  You tried to sign and encrypt, and since there is no
signing key there, it's not going to work.

You can add a signing key via --edit-key on your *original* key (not
the key you generated by following the FAQ), and using "addkey".
Then, re-follow the instructions in the FAQ to export the new subkey.

David

I thought that is what I did.  I used "addkey" to add a signing subkey, then
"export-secret-subkeys" to "secring.auto" which I then moved to another
directory and removed the passphrase.  This is what happens when I try to
use the signing subkey:

C:\gnupg>gpg --output ggvsppre.gpg -es \windows\temp\ggvsppre.lis
> gpg: secret key parts are not available
> gpg: no default secret key: general error
> gpg: \windows\temp\ggvsppre.lis: sign+encrypt failed: general error

The gpg instruction manual states that "export-secret-subkeys" "...has the
special property to render the secret part of the primary key useless;  this
is a GNU extension to OpenPGP ..."  Is this true?  And, if so, is this not
what has happened to my secret key?  And, if so, is there some other way to
automate gpg?

Nancy

Nancy N. Dailey
Senior Systems Analyst
IS3 - Information Systems and Technology
Gartner Group
Phone  1-203-316-3418
Fax      1-203-316-6490