On 31/08/18 19:11, Fiedler Roman wrote: > ['/usr/bin/gpg', '--homedir', '/tmp/tmp-3abk6l8', '--with-colons', > '--status-fd', '2', '--pinentry-mode', 'loopback', '--batch', '--gen-key', > '--command-fd', '0']
It is unclear where the passphrase is supposed to come from... so I think it's correct that GnuPG CANcels. Oh, by the way, commands should come last for robustness. I discovered something odd though: --8<---------------cut here---------------start------------->8--- $ cat passphrase my_passphrase $ cat template %echo Generating key Key-Type: RSA Key-Length: 1024 Subkey-Type: ELG-E Subkey-Length: 1024 Name-Real: AutomationKey Expire-Date: 0 %commit $ exec 3<&- 3<passphrase $ cat template|gpg --with-colons --status-fd 2 --pinentry-mode loopback --batch --command-fd 0 --passphrase-fd 3 --gen-key gpg: Generating key gpg: key EC343B15345F4B66 marked as ultimately trusted [GNUPG:] KEY_CONSIDERED 4B3A993572D5ED206D240D91EC343B15345F4B66 0 gpg: revocation certificate stored as '/home/peter/.gnupg/openpgp-revocs.d/4B3A993572D5ED206D240D91EC343B15345F4B66.rev' [GNUPG:] KEY_CREATED B 4B3A993572D5ED206D240D91EC343B15345F4B66 --8<---------------cut here---------------end--------------->8--- That works, with passphrase on fd 3 and command on fd 0. I should delete it though, "ultimately trusted" no thanks. But: --8<---------------cut here---------------start------------->8--- $ exec 3<&- 3<template $ cat passphrase|gpg --with-colons --status-fd 2 --pinentry-mode loopback --batch --command-fd 3 --passphrase-fd 0 --gen-key $ --8<---------------cut here---------------end--------------->8--- Doesn't do anything. --8<---------------cut here---------------start------------->8--- $ exec 3<&- 3<template $ cat passphrase|gpg --with-colons --status-fd 2 --pinentry-mode loopback --batch --command-fd 3 --gen-key gpg: -:1: missing colon $ --8<---------------cut here---------------end--------------->8--- g10/keygen.c appears to be trying to read commands from fd 0 even though I said fd 3. There's no colon in the "command" my_passphrase, so it errors. For now, I'd say go with the one that works. But I don't understand why the others behave as they do. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
