A Key-gen-config file that autodeletes?
Ingo Klöcker
ingo.kloecker@epost.de
Tue Sep 11 22:23:01 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Dienstag, 11. September 2001 18:54, Edward Khoo wrote:
> Hi folks,
>
> It is good to hear such learned opinions. Being a relative newbie to
> these open source projects,
> it does looks to me that a decision probably have to made regarding
> this feature of supporting some sort of auto-capabilities.
> On the other hand, I am in computer technology just long enough to
> know that the answer is not going to be without trade-offs. :-|
>
> As long as there is no guarantee that the hardware is secure, any
> software decisions is hard to make.
> And the classic saying, "security is only as good as its weakest
> link"
>
> Also, this conversation have taken us away from my original concern
> of automating the passing in of interactive parameters.
> (assuming its a 'secure' computer)
> - How to get "--batch" to work in either command line or scripting
> support? - or If "--batch" is the option to use to pass in a config
> file in the first place?
>
> Here is Werner's original suggestion:
> #!/bin/sh
> gpg --gen-key --batch <$1
> rm $1
>
> Which did not work for me, as I am not sure of the data format that
> will be accepted.
'man gpg' would have told you the following
<quote>
- --gen-key Generate a new key pair. This command is nor
mally only used interactively.
There is an experimental feature which allows
you to create keys in batch mode. See the file
doc/DETAILS in the source distribution on how to
use this.
</quote>
And this is copied from doc/DETAILS:
<quote>
Here is an example:
$ cat >foo <<EOF
%echo Generating a standard key
Key-Type: DSA
Key-Length: 1024
Subkey-Type: ELG-E
Subkey-Length: 1024
Name-Real: Joe Tester
Name-Comment: with stupid passphrase
Name-Email: joe@foo.bar
Expire-Date: 0
Passphrase: abc
%pubring foo.pub
%secring foo.sec
# Do a commit here, so that we can later print "done" :-)
%commit
%echo done
EOF
$ gpg --batch --gen-key -a foo
[...]
$ gpg --no-default-keyring --secret-keyring foo.sec \
--keyring foo.pub --list-secret-keys
/home/wk/work/gnupg-stable/scratch/foo.sec
- ------------------------------------------
sec 1024D/915A878D 2000-03-09 Joe Tester (with stupid passphrase) <joe@foo.bar>
ssb 1024g/8F70E2C0 2000-03-09
</quote>
If you have more questions have a look at doc/DETAILS where the format
is explained in detail.
Regards,
Ingo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD4DBQE7nnJUGnR+RTDgudgRAsW5AJUShSjpyTnsCU93vooy5bHzXp7lAKC3IZHf
b+PQ1pC6CfwCcDEAgR+kjw==
=KO8M
-----END PGP SIGNATURE-----