Automatically Signing Keys?

Olaf Gellert gellert@arasca.de
Thu Nov 14 12:50:01 2002


Oh well, before I forget:

> we are trying to switch to GPG for our PGP-certification
> authority. So I am adapting the software (some shell scripts).
> I did not find any way to tell gpg to sign a key without
> asking questions (which is necessary to use gpg for this
> from the scripts).
> 
> --batch: gpg: can't do that in batch-mode
> --yes: gpg still asks questions.
> --no-tty: gpg: Sorry, no terminal at all requested - can't get input

--pashprase-fd: GPG does not ask for the passphrase anymore, but it
  still asks "How carefully have you verified the key..." and
  "Are you really sure that you want to sign this key". Maybe one
  should introduce the option "--really" (= yes, I really mean,
  what I specified on the command line)?  ;-)

My actual test-command was:

printf "%s" "password" | gpg --sign-key -u [CA-KeyID] --yes --status-fd 1 --passphrase-fd 0 --yes [KeyID-to-be-signed]


Cheers, Olaf

-- 

Olaf Gellert                                            _ - __o
  gellert@arasca.de                                    _- _`\<,_
      http://www.arasca.de/olaf/                       - (_)/ (_)
----------------------------------------------------------------------
Most people would sooner die than think; in fact, they do so.
        -- Bertrand Russell
----------------------------------------------------------------------