Pass expiration date param to subkey only via unattended key generation
s7r at sky-ip.org
Tue Oct 4 23:21:19 CEST 2022
A script will create on demand GPG keys unattended that will be further
used to automatically sign a document, but the requirement is that they
must also include an Encryption subkey to receive feedback securely.
Question is: keys can be generated unattended just fine, except I did
not find a clear way to pass an Expire date param to the encryption
subkey only, and not the primary key as well. The requirement is that
the primary key must NEVER expire and the encryption subkey MUST expire
in 2 years.
Key-Usage: sign, cert, auth
Name-Email: test at test.com
How to pass an expiration date ONLY for the encryption subkey while
leaving the primary key with no expiration date?
(I know that this goal can be later achieved by using $ gpg --edit-key
but I am looking for a solution within the unattended key generation itself)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 495 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users