1
0
mirror of https://github.com/drduh/YubiKey-Guide.git synced 2024-12-22 13:48:06 +00:00

Merge pull request #463 from forbytten/gpg_passphrase_fd_0

Pass passphrase to gpg using --passphrase-fd 0
This commit is contained in:
drduh 2024-11-03 18:21:56 +00:00 committed by GitHub
commit dea24f4fa0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -393,7 +393,7 @@ Do not set an expiration date on the Certify key.
Generate the Certify key: Generate the Certify key:
```console ```console
gpg --batch --passphrase "$CERTIFY_PASS" \ echo "$CERTIFY_PASS" | gpg --batch --passphrase-fd 0 \
--quick-generate-key "$IDENTITY" "$KEY_TYPE" cert never --quick-generate-key "$IDENTITY" "$KEY_TYPE" cert never
``` ```
@ -413,7 +413,7 @@ Use the following command to generate Signature, Encryption and Authentication S
```console ```console
for SUBKEY in sign encrypt auth ; do \ for SUBKEY in sign encrypt auth ; do \
gpg --batch --pinentry-mode=loopback --passphrase "$CERTIFY_PASS" \ echo "$CERTIFY_PASS" | gpg --batch --pinentry-mode=loopback --passphrase-fd 0 \
--quick-add-key "$KEYFP" "$KEY_TYPE" "$SUBKEY" "$EXPIRATION" --quick-add-key "$KEYFP" "$KEY_TYPE" "$SUBKEY" "$EXPIRATION"
done done
``` ```
@ -442,12 +442,12 @@ ssb rsa4096/0xAD9E24E1B8CB9600 2024-01-01 [A] [expires: 2026-05-01]
Save a copy of the Certify key, Subkeys and public key: Save a copy of the Certify key, Subkeys and public key:
```console ```console
gpg --output $GNUPGHOME/$KEYID-Certify.key \ echo "$CERTIFY_PASS" | gpg --output $GNUPGHOME/$KEYID-Certify.key \
--batch --pinentry-mode=loopback --passphrase "$CERTIFY_PASS" \ --batch --pinentry-mode=loopback --passphrase-fd 0 \
--armor --export-secret-keys $KEYID --armor --export-secret-keys $KEYID
gpg --output $GNUPGHOME/$KEYID-Subkeys.key \ echo "$CERTIFY_PASS" | gpg --output $GNUPGHOME/$KEYID-Subkeys.key \
--batch --pinentry-mode=loopback --passphrase "$CERTIFY_PASS" \ --batch --pinentry-mode=loopback --passphrase-fd 0 \
--armor --export-secret-subkeys $KEYID --armor --export-secret-subkeys $KEYID
gpg --output $GNUPGHOME/$KEYID-$(date +%F).asc \ gpg --output $GNUPGHOME/$KEYID-$(date +%F).asc \
@ -1825,8 +1825,8 @@ export EXPIRATION=2y
Renew the Subkeys: Renew the Subkeys:
```console ```console
gpg --batch --pinentry-mode=loopback \ echo "$CERTIFY_PASS" | gpg --batch --pinentry-mode=loopback \
--passphrase "$CERTIFY_PASS" --quick-set-expire "$KEYFP" "$EXPIRATION" \ --passphrase-fd 0 --quick-set-expire "$KEYFP" "$EXPIRATION" \
$(gpg -K --with-colons | awk -F: '/^fpr:/ { print $10 }' | tail -n "+2" | tr "\n" " ") $(gpg -K --with-colons | awk -F: '/^fpr:/ { print $10 }' | tail -n "+2" | tr "\n" " ")
``` ```