clarification on automated signing

danl001 danl001 at
Wed Jan 21 18:59:35 CET 2004


I need to do some automated signing in a script so I read the "How can I 
use GnuPG in an automated environment?" section of the FAQ at

I have a few questions. So I start by creating a keypair the usual way 
using --gen-key and then add an additional signing subkey. Then I export 
  the secret keys using --export-secret-keys >

The FAQ answer then says to copy and pubring.gpg to a test 
directory. Do I need to rename to secring.gpg? If i don't, 
gpg just creates a 0 length secring.gpg file anyway. I can remove the 
passphrase with passwd, but which keys should I actually delete? I only 
want to have the subkey installed on the target machine, right? How do I 
do this?

It then says to copy to the target machine and "install" it 
as the secret key ring. What exactly does install mean here? Do I need 
to rename it to secring.gpg? Also, do I need to copy over pubring.gpg 
with it?

If someone could clarify the process of setting things up for automated 
signing, I'd appreciate it. Thanks.

More information about the Gnupg-users mailing list