A Key-gen-config file that autodeletes?

Ingo Klöcker ingo.kloecker@epost.de
Tue Sep 11 22:23:01 2001

Hash: SHA1

On Dienstag, 11. September 2001 18:54, Edward Khoo wrote:

> Hi folks,
> It is good to hear such learned opinions. Being a relative newbie to
> these open source projects,
> it does looks to me that a decision probably have to made regarding
> this feature of supporting some sort of auto-capabilities.
> On the other hand, I am in computer technology just long enough to
> know that the answer is not going to be without trade-offs. :-|
> As long as there is no guarantee that the hardware is secure, any
> software decisions is hard to make.
> And the classic saying, "security is only as good as its weakest
> link"
> Also, this conversation have taken us away from my original concern
> of automating the passing in of interactive parameters.
> (assuming its a 'secure' computer)
> - How to get "--batch" to work in either command line or scripting
> support? - or If "--batch" is the option to use to pass in a config
> file in the first place?
> Here is Werner's original suggestion:
> #!/bin/sh
> gpg --gen-key --batch <$1
> rm $1
> Which did not work for me, as I am not sure of the data format that
> will be accepted.
'man gpg' would have told you the following <quote> - --gen-key Generate a new key pair. This command is nor­ mally only used interactively. There is an experimental feature which allows you to create keys in batch mode. See the file doc/DETAILS in the source distribution on how to use this. </quote> And this is copied from doc/DETAILS: <quote> Here is an example: $ cat >foo <<EOF %echo Generating a standard key Key-Type: DSA Key-Length: 1024 Subkey-Type: ELG-E Subkey-Length: 1024 Name-Real: Joe Tester Name-Comment: with stupid passphrase Name-Email: joe@foo.bar Expire-Date: 0 Passphrase: abc %pubring foo.pub %secring foo.sec # Do a commit here, so that we can later print "done" :-) %commit %echo done EOF $ gpg --batch --gen-key -a foo [...] $ gpg --no-default-keyring --secret-keyring foo.sec \ --keyring foo.pub --list-secret-keys /home/wk/work/gnupg-stable/scratch/foo.sec - ------------------------------------------ sec 1024D/915A878D 2000-03-09 Joe Tester (with stupid passphrase) <joe@foo.bar> ssb 1024g/8F70E2C0 2000-03-09 </quote> If you have more questions have a look at doc/DETAILS where the format is explained in detail. Regards, Ingo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD4DBQE7nnJUGnR+RTDgudgRAsW5AJUShSjpyTnsCU93vooy5bHzXp7lAKC3IZHf b+PQ1pC6CfwCcDEAgR+kjw== =KO8M -----END PGP SIGNATURE-----