How to batch generate ed25519 keys ?
Denis Iskandarov
d.iskandarov at gmail.com
Fri Oct 7 16:20:11 CEST 2022
How to generate ed25519 keys using "gpg --full-generate-key --batch"
command?
This is the command from one of the latest my at:
gpg --full-generate-key --batch << EOF
> %no-protection
> Key-Type: ecc
> Key-Curve: ed25519
> Subkey-Type: ecc
> Subkey-Length: cv25519
> Expire-Date: 0
> Name-Real: demo-cluster
> Name-Comment: secrets encryption
> EOF
>
> gpg: signing failed: Invalid digest algorithm
> gpg: make_keysig_packet failed: Invalid digest algorithm
> gpg: key generation failed: Invalid digest algorithm
What are the correct values or config for such a standard case?
Where is it possible to see the correct list of available algorithms and
their settings (curve) for such configurations?
I thought that (sub)key-type accepts the same numbers as seen in
interactive non-batch "gpg --full-generate-key".
Using interactive "--full-generate-key" works, of course, flawlessly, but I
was not able to get enough hints from it on how to build config for
batch operations.
Why one algo is ed25519 and the other one is cv25519?
Sad that there are no clear instructions/docs for that, or it is required
to learn all docs by heart and make PhD for all related crypto libs and
apps. But if you give me some info I hopefully will be able to compile some
little article. Just tired that 99% of all examples on the internet use RSA
and "--quick-gen-key".
(I've been reading your docs and trying to google answers for quite some
time :) )
(Cursed XXI century, why do some applications can't add a little bit more
convenience and stop trying to look like crap from the 1990s)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20221007/4b33575b/attachment-0001.html>
More information about the Gnupg-users
mailing list