Pass expiration date param to subkey only via unattended key generation

s7r s7r at
Wed Oct 5 17:13:21 CEST 2022

> Use
>    gpg --quick-gen-key --batch test at ed25519 sign,cert
> and then
>    gpg --quick-add-key --batch FINGERPRINT cv25519 encr sign,cert 2y

Thank you very much!
I will see how I can apply this, in a single sh script with the 
unattended key generation as well. The thing is I "feed" the private key 
material to gnupg for generation, the key is not generated randomly.

Isn't it wise to add a "Subkey-Expire-Date:" param that will map to 
pSUBKEYEXPIRE (I can see there is a pSUBKEYEXPIRE from browsing the 
code)? That will only touch the subkey itself, without caring about the 
primary key? Or it doesn't work like this?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list