automated GPG ? [self-reply]

Ivan Lamouret
Tue Sep 4 14:55:01 2001

Sorry I did not check the *devel* list before my first post.
I still think however that the Section 4.13 of the FAQ is not that clear on
the subject. see e.g.
automated signing with password-less subkeys
Unable to use batch mode to sign and encrypt a document with gpg

So here is the response to my question

1) the way to handle is obscure to newbies : in fact one should
name the file secring.gpg directly, gpg does not recognize the .auto thing.

cd autodir
gpg --export-subkeys --no-comment > secring.gpg

the process of creating the signing subkey is correct, BUT :
2) the way to use gpg once BOTH the public keyring and the new secret
keyring are copied to the target machine is to indicate to gpg which key you
want (it seems unable to choose the key by itself, hence the "no secret
parts" error message!) :

gpg --local-user [name] (does not work with 1.0.4, but does with 1.0.6)
OR gpg --default-key [name | K_ID] (with 1.0.4 it seems you have to use the
key id)

Of course you can check that's working before moving to the target machine
gpg --homedir your_autodir --default-key your-key-id --clearsign  your_file

Hopes this will help someone,