Automatically Signing Keys?
David Shaw
dshaw@jabberwocky.com
Thu Nov 14 21:40:05 2002
On Thu, Nov 14, 2002 at 02:47:30PM +0100, Olaf Gellert wrote:
> Oh well, before I forget:
>
> > we are trying to switch to GPG for our PGP-certification
> > authority. So I am adapting the software (some shell scripts).
> > I did not find any way to tell gpg to sign a key without
> > asking questions (which is necessary to use gpg for this
> > from the scripts).
> >
> > --batch: gpg: can't do that in batch-mode
> > --yes: gpg still asks questions.
> > --no-tty: gpg: Sorry, no terminal at all requested - can't get input
>
> --pashprase-fd: GPG does not ask for the passphrase anymore, but it
> still asks "How carefully have you verified the key..." and
> "Are you really sure that you want to sign this key". Maybe one
> should introduce the option "--really" (= yes, I really mean,
> what I specified on the command line)? ;-)
>
> My actual test-command was:
>
> printf "%s" "password" | gpg --sign-key -u [CA-KeyID] --yes --status-fd 1 --passphrase-fd 0 --yes [KeyID-to-be-signed]
Try this:
printf "%s" "password" | gpg -u [CA-KeyID] --status-fd 1 --passphrase-fd 0 --batch --yes --edit [KeyID-to-be-signed] sign save
David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson