Pass expiration date param to subkey only via unattended key generation
s7r
s7r at sky-ip.org
Wed Oct 5 17:13:21 CEST 2022
> Use
>
> gpg --quick-gen-key --batch test at test.com ed25519 sign,cert
>
> and then
>
> gpg --quick-add-key --batch FINGERPRINT cv25519 encr sign,cert 2y
>
Thank you very much!
I will see how I can apply this, in a single sh script with the
unattended key generation as well. The thing is I "feed" the private key
material to gnupg for generation, the key is not generated randomly.
Isn't it wise to add a "Subkey-Expire-Date:" param that will map to
pSUBKEYEXPIRE (I can see there is a pSUBKEYEXPIRE from browsing the
code)? That will only touch the subkey itself, without caring about the
primary key? Or it doesn't work like this?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20221005/b3ef12c5/attachment.sig>
More information about the Gnupg-users
mailing list