I acquired a YubiKey and intend to use pass with it, so I'm trying to script my key generation and move to card for rotation. To my dismay, gpg doesn't support batch mode in a lot of operations, --edit-key and --edit-card being part of that list, nor can it do operations based on command-line arguments. I find this appalling in a CLI tool, to say the least!
Obviously I tried redirecting stdin, but while running gpg --batch --gen-key in a script complains about ioctl issues for pinentry and requires setting GPG_TTY, here it somehow knows how to use the tty without any help. Convenient...
So how can I script operations of these subcommands, preferably with pin-entry dialogs when required so I don't have to run it myself in the script?
Turns out there are the --command-fd and --status-fd options. They can be used like so:
GPG_TTY=$(tty) gpg --command-fd=0 --status-fd=1 --expert --edit-key $KEY
In case you want to input passwords through stdin instead of using pinentry, also pass the --pinentry-mode loopback argument.
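The --command-fd approach from the answer above, applied to the move-to-card case from the question, as an added example that is not part of the original posts. The function names are hypothetical, and it assumes the card slots are empty so that gpg asks no extra confirmation between the scripted answers; PINs and passphrases still go through pinentry.

```bash
# Print the answers --edit-key expects for moving subkeys to a card.
# Each argument is INDEX:SLOT. INDEX is the subkey number shown by
# --edit-key; SLOT is the keytocard menu choice (1 sign, 2 encrypt, 3 auth).
keytocard_script() {
    local pair idx
    for pair in "$@"; do
        case $pair in
            *:[123]) ;;
            *) echo "expected INDEX:SLOT with SLOT 1-3: $pair" >&2; return 1 ;;
        esac
        idx=${pair%:*}
        case $idx in
            ''|0|*[!0-9]*) echo "bad subkey index: $pair" >&2; return 1 ;;
        esac
        # "key N" toggles selection, so repeat it to deselect the subkey
        # before the next one is selected.
        printf 'key %s\nkeytocard\n%s\nkey %s\n' "$idx" "${pair##*:}" "$idx"
    done
    printf 'save\n'
}

# Feed the answers to gpg on fd 0 while pinentry keeps using the terminal.
move_to_card() {
    local key=$1 script tty_name
    shift
    # Build and validate the whole answer stream before gpg is started.
    script=$(keytocard_script "$@") || return 1
    # Resolve the terminal here: inside the pipeline stdin is a pipe,
    # so $(tty) would report "not a tty" there.
    tty_name=$(tty) || { echo "run this from a terminal" >&2; return 1; }
    printf '%s\n' "$script" |
        GPG_TTY=$tty_name gpg --command-fd=0 --status-fd=1 --expert --edit-key "$key"
}

# Usage (assumes three subkeys in sign, encrypt, auth order):
#   move_to_card "$KEY" 1:1 2:2 3:3
```

After save, the local keyring holds only stubs that point at the card, so export a backup of the secret keys before running this if the keys will ever be needed off-card.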