generating revocation certs non-interactively
luis at greenhost.nl
Tue May 5 01:14:27 CEST 2015
-----BEGIN PGP SIGNED MESSAGE-----
I am working with a friend on project to try and get lots and lots of
people on encrypted email at an event using something like a photobooth.
At the end of the experience you leave with a keypair and little gift
wrapped with your revocation cert.
To do this efficiently we are using the batch generation option, I have
a set of scripts that can generate the key, copy it to the final user's
media and then shred it. It all works like a charm. Along with the
keypair we would also like to generate a revocation certificate. Keys
are passwordless, so at first I thought that it should be straight forward.
I couldn't find any documentation on how to do the same batch generation
for the revocation certificate. So I'm a little stuck. The --gen-revoke
option prompts the user for 4 questions for a passwordless key, 5 if the
key has a password and I couldn't get around this.
I have tried the python wrapper, but the python API doesn't seem to
expose revocation certificate generation.
Calling the --gen-revoke option in combination with the --batch option
gpg: can't do this in batch mode
So maybe this is so by design?
How could I get around the interactive process and generate the
I have also tried pexpect to 'mock' user input to bypass interaction, no
Any help would be greatly appreciated.
Greenhost - Duurzame Hosting en Digitale Veiligheid
1018 DN TS Amsterdam
T: 020 489 4349
You may verify my identity using these weird numbers
7F1D B683 6410 EB2E 4459 0CCA 758D 90BB 2857 4DFE
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users