managing OpenPGP cards in batch mode?
Daniel Pocock
daniel at pocock.pro
Tue May 3 20:20:14 CEST 2016
On 03/05/16 15:55, Dashamir Hoxha wrote:
> On Tue, May 3, 2016 at 3:04 PM, Daniel Pocock <daniel at pocock.pro
> <mailto:daniel at pocock.pro>> wrote:
>
> I tried this with GnuPG 2.0.26 on Debian:
>
> $ gpg2 --card-edit --batch
> gpg: can't do this in batch mode
>
>
> You can try something like this:
> - https://github.com/nyarly/simplekey/blob/master/commands/trust#L46-L50
> or like this:
> - https://github.com/dashohoxha/egpg/blob/master/src/cmd/key/renew.sh#L40-L47
Thanks for this feedback
This is a list of all the things that I need to batch/manage from the
whiptail UI:
gen-key (and get back the key ID)
adduid
- GnuPG 2.1 has --quick-adduid
adding more subkeys (addkey)
"--gen-key --batch" only creates one subkey
gen-revoke
card-edit (for setting PIN, etc)
keytocard
The method you propose appears to be dependent on a particular GnuPG
version / menu strings. As it will be on a Live CD we could live with
that temporarily because it will be immutable and users won't mix and
match the script with different GnuPG versions. In the long term it
would be nice to do all those things through batch mode or an API though.
Regards,
Daniel
More information about the Gnupg-users
mailing list