GnuPG 2.1 Unattended EC Generation

Werner Koch wk at
Tue Nov 11 14:27:54 CET 2014

On Tue, 11 Nov 2014 12:56, nicholas.cole at said:

> Is that still possible?  In version 2.1, if no password is specified,
> gpg2 tries to call pin-entry and ask for a passphrase.

A quick look into the manual (for me the source, but you may want to use
the online version) gives:

  @item %no-protection
  Since GnuPG version 2.1 it is not anymore possible to specify a
  passphrase for unattended key generation.  The passphrase command is
  simply ignored and @samp{%ask-passpharse} is thus implicitly enabled.
  Using this option allows the creation of keys without any passphrase
  protection.  This option is mainly intended for regression tests.

Thus by adding 


to the parameter files you can create a key without a passphrase.

> The second problem is that if gpg is called with a non-standard
> --homedir the whole thing fails with:
> gpg: agent_genkey failed: No pinentry

Install a pinentry.  I guess you put usually have a 
"pinentry-program" line in your gpg-agent.conf.  With a different home
directory the gpg-agent.conf of that home directory is used.  I suggest
to install a symlink to pinentry into the installation dir of gnupg and
not to use "pinentry-program".



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list