non-interactive expiration of a key using --batch?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon May 7 16:31:24 CEST 2012 

On 05/07/2012 04:26 AM, Werner Koch wrote:
> On Sat,  5 May 2012 00:38, dkg at fifthhorseman.net said:
> 
>> Any ideas what's going on here?  Am i wrong to try to use --batch in
>> this instance?
> 
> It would be useful to add --status-fd 2, so that you can see what gpg
> actually expects as user/batch input.


here you go, with --status-fd 2 (wrapped in --list-keys so you can see
that the expiration date doesn't change):

-----------------------

0 wt215 at pip:~$ gpg --list-keys test at example.org
pub   1024R/20819466 2012-05-03 [expires: 2012-07-09]
uid                  blab blab (DO NOT USE!) <test at example.org>

0 wt215 at pip:~$ printf "10w\nsave\n" | gpg --batch --passphrase-fd 3
--command-fd 0 --status-fd=2 --edit-key test at example.org expire 3<pw
Secret key is available.

pub  1024R/20819466  created: 2012-05-03  expires: 2012-07-09  usage: SC
                     trust: ultimate      validity: ultimate
[ultimate] (1). blab blab (DO NOT USE!) <test at example.org>

Changing expiration time for the primary key.
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
[GNUPG:] GET_LINE keygen.valid
[GNUPG:] GOT_IT
Key expires at Mon 16 Jul 2012 10:29:02 AM EDT
[GNUPG:] USERID_HINT 34759F1120819466 blab blab (DO NOT USE!)
<test at example.org>
[GNUPG:] NEED_PASSPHRASE 34759F1120819466 34759F1120819466 1 0
[GNUPG:] GOOD_PASSPHRASE

pub  1024R/20819466  created: 2012-05-03  expires: 2012-07-16  usage: SC
                     trust: ultimate      validity: ultimate
[ultimate] (1). blab blab (DO NOT USE!) <test at example.org>

0 wt215 at pip:~$ gpg --list-keys test at example.org
pub   1024R/20819466 2012-05-03 [expires: 2012-07-09]
uid                  blab blab (DO NOT USE!) <test at example.org>

0 wt215 at pip:~$
-------------------------


I don't see anything in the --status-fd output that gives me more of a
clue, unfortunately.

Any pointers?

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20120507/95a03241/attachment.pgp>

More information about the Gnupg-users mailing list