Okay, so I did try to add the sign usage to the master-key. That works well and avoids the use of expect for generating the keys.
But the problem of pinentry still kind of happens everywhere: --passphrase is now ignored when not in batch mode in gpg2, which means there is no way to provide a passphrase programmatically when using --edit-key ... On Wed, Jun 1, 2016 at 7:46 PM, Werner Koch <w...@gnupg.org> wrote: > On Wed, 1 Jun 2016 12:47, dashoho...@gmail.com said: > > > I do it in batch mode like this: > > - > https://github.com/dashohoxha/egpg/blob/gnupg-2.0/src/cmd/key/gen.sh#L42 > > Take care: > > --8<---------------cut here---------------start------------->8--- > local commands="addkey|4|4096|1m|addkey|6|4096|1m|save" > commands=$(echo "$commands" | tr '|' "\n") > script -c "gpg --batch --command-fd=0 --edit-key $GPG_KEY <<< > \"$commands\"" /dev/null >/dev/null > while [[ -n $(ps ax | grep -e '--edit-key' | grep -v grep) ]]; do sleep > 0.5; done > --8<---------------cut here---------------end--------------->8--- > > You can't use gpg this way - it does only work with a certain version > and build if GnuPG. Canned commands too fragile to use - you need to > process the output of --status-fd and act accordingly. > > ps ax | grep -e '--edit-key' | grep -v grep > > does not work either because you assume that there is only one gpg > command running (actually any process with a string '--edit-key'). > > BTW, Unix people use this trick to avoid the inverse grep: > > grep -e '--edit-ke[y]' > > > > Shalom-Salam, > > Werner > > -- > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. > /* EFH in Erkrath: https://alt-hochdahl.de/haus */ > > -- Aurélien Vallée Phone +33 9 77 19 85 61
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
