On 01/06/16 21:20, Aurélien Vallée wrote: > Okay, so I did try to add the sign usage to the master-key. That works > well and avoids the use of expect for generating the keys.
I think it's still an odd limitation of the Key-Usage: option that you cannot generate a master key without optional usages. Either "none" or "certify" would be a good option to have, where I regard "certify" definitely the prettier way to phrase it. Then Key-Usage: sign would do Sign, Certify for a primary key, implicitly adding certify. And Key-Usage: certify would do just Certify for a primary key. > But the problem of pinentry still kind of happens everywhere: > --passphrase is now ignored when not in batch mode in gpg2, which means > there is no way to provide a passphrase programmatically when using > --edit-key ... Disclaimer: I know very little of programmatic use of GnuPG. Is it an option to upgrade your GnuPG to 2.1? I think it provides for a less bumpy ride with the pinentry loopback. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
