Batch (non-interactive) key signing

[Jason Tackaberry]

Hi everyone,

Using GnuPG) 1.0.7 (the version that is distributed with RedHat 8.0), I
am trying to do batch key signing.  I've tried most command line
permutations and various magic incantations I can think of, but to no
avail.  I'm hoping someone here can help.

I'm calling gpg from a python script using os.popen3(), and I need to be
able to sign a key given by a key id without any user interaction. 
Testing from the command line, using --batch --no-tty --command-fd 0,
and based on the status output, it looks like it should have worked, but
when I view the key interactively, it is not signed.  Here's what I've
tried:

        [tack@somewhere sc]$ echo -e "passphrase\nsign\ny\nsave\n" | gpg
        --passphrase-fd 0 --command-fd 0 --status-fd 2 --batch --no-tty
        --edit-key 47ECD62C
        [GNUPG:] GET_LINE keyedit.prompt
        [GNUPG:] GOT_IT
        [GNUPG:] GET_BOOL keyedit.sign_all.okay
        [GNUPG:] GOT_IT
        [GNUPG:] GET_LINE keyedit.prompt
        [GNUPG:] GOT_IT

After trying various other approaches, I can only conclude that batch
key signing is impossible short of using an expect-like module.

Can anyone help?

Cheers,
Jason.

-- 
Jason Tackaberry  ::  tack@auc.ca  :: 705-949-2301 x330 
Academic Computing Support Specialist
Information Technology Services
Algoma University College  ::  www.auc.ca