Automatically Signing Keys?

David Shaw
Thu Nov 14 21:40:05 2002

On Thu, Nov 14, 2002 at 02:47:30PM +0100, Olaf Gellert wrote:
> Oh well, before I forget:
> > we are trying to switch to GPG for our PGP-certification
> > authority. So I am adapting the software (some shell scripts).
> > I did not find any way to tell gpg to sign a key without
> > asking questions (which is necessary to use gpg for this
> > from the scripts).
> > 
> > --batch: gpg: can't do that in batch-mode
> > --yes: gpg still asks questions.
> > --no-tty: gpg: Sorry, no terminal at all requested - can't get input
> --pashprase-fd: GPG does not ask for the passphrase anymore, but it
>   still asks "How carefully have you verified the key..." and
>   "Are you really sure that you want to sign this key". Maybe one
>   should introduce the option "--really" (= yes, I really mean,
>   what I specified on the command line)?  ;-)
> My actual test-command was:
> printf "%s" "password" | gpg --sign-key -u [CA-KeyID] --yes --status-fd 1 --passphrase-fd 0 --yes [KeyID-to-be-signed]

Try this:

printf "%s" "password" | gpg -u [CA-KeyID] --status-fd 1 --passphrase-fd 0 --batch --yes --edit [KeyID-to-be-signed] sign save


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson