A Key-gen-config file that autodeletes?

[Ingo Klöcker]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Dienstag, 11. September 2001 18:54, Edward Khoo wrote:
> Hi folks,
>
> It is good to hear such learned opinions. Being a relative newbie to
> these open source projects,
> it does looks to me that a decision probably have to made regarding
> this feature of supporting some sort of auto-capabilities.
> On the other hand, I am in computer technology just long enough to
> know that the answer is not going to be without trade-offs. :-|
>
> As long as there is no guarantee that the hardware is secure, any
> software decisions is hard to make.
> And the classic saying, "security is only as good as its weakest
> link"
>
> Also, this conversation have taken us away from my original concern
> of automating the passing in of interactive parameters.
> (assuming its a 'secure' computer)
> - How to get "--batch" to work in either command line or scripting
> support? - or If "--batch" is the option to use to pass in a config
> file in the first place?
>
> Here is Werner's original suggestion:
> #!/bin/sh
> gpg --gen-key --batch <$1
> rm $1
>
> Which did not work for me, as I am not sure of the data format that
> will be accepted.

'man gpg' would have told you the following
<quote>
- --gen-key Generate  a  new  key pair. This command is nor­
                 mally only used interactively.
 
                 There is an experimental  feature  which  allows
                 you  to  create keys in batch mode. See the file
                 doc/DETAILS in the source distribution on how to
                 use this.
</quote>

And this is copied from doc/DETAILS:
<quote>
Here is an example:
$ cat >foo <<EOF
     %echo Generating a standard key
     Key-Type: DSA
     Key-Length: 1024
     Subkey-Type: ELG-E
     Subkey-Length: 1024
     Name-Real: Joe Tester
     Name-Comment: with stupid passphrase
     Name-Email: joe@foo.bar
     Expire-Date: 0
     Passphrase: abc
     %pubring foo.pub
     %secring foo.sec
     # Do a commit here, so that we can later print "done" :-)
     %commit
     %echo done
EOF
$ gpg --batch --gen-key -a foo
 [...]
$ gpg --no-default-keyring --secret-keyring foo.sec \
                                  --keyring foo.pub --list-secret-keys
/home/wk/work/gnupg-stable/scratch/foo.sec
- ------------------------------------------
sec  1024D/915A878D 2000-03-09 Joe Tester (with stupid passphrase) <joe@foo.bar>
ssb  1024g/8F70E2C0 2000-03-09
</quote>

If you have more questions have a look at doc/DETAILS where the format
is explained in detail.

Regards,
Ingo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD4DBQE7nnJUGnR+RTDgudgRAsW5AJUShSjpyTnsCU93vooy5bHzXp7lAKC3IZHf
b+PQ1pC6CfwCcDEAgR+kjw==
=KO8M
-----END PGP SIGNATURE-----