GnuPG 2.1 Unattended EC Generation
nicholas.cole at gmail.com
Tue Nov 11 12:56:59 CET 2014
On Mon, Nov 10, 2014 at 4:41 PM, Werner Koch <wk at gnupg.org> wrote:
> On Mon, 10 Nov 2014 12:52, nicholas.cole at gmail.com said:
>> How does unattended generation of elliptic curve keys work? As far as
>> I can see, that section of the manual has not been updated for the new
>> EC options, but I presume that it has to work slightly differently.
>> Am I right that key-length is now a no-op? And how do you specify the
> Right, you need to use "Key-Curve" or "Subkey-Curve". Curve names are
> as supported by Libgcrypt, for example: "nistp256" or "ed25519".
Two smaller problems.
Under previous versions, failing to provide a
would create a key without a passphrase. This was useful for testing purposes.
Is that still possible? In version 2.1, if no password is specified,
gpg2 tries to call pin-entry and ask for a passphrase.
The second problem is that if gpg is called with a non-standard
--homedir the whole thing fails with:
gpg: agent_genkey failed: No pinentry
gpg: key generation failed: No pinentry
I'm sure this means that I'm invoking the new gpg2 and gpg-agent
Sorry for all the flood of questions. gpg2 "modern" is very exciting,
but getting all the pieces to work as they used to (and making changes
for the new system) is going to take a bit of time!
More information about the Gnupg-users