GPG key pair creation - noidcc/tails-group-installer GitHub Wiki

Script to create secring and pubring per user.

Pre: we have a file with n lines containing mail_address:passphrase
Post: we have:
secring_1 -> private key user 1 ... secring_n -> private key user n

pubring -> public keyring for all users (same for all users)
trustdb -> key database of trusted keys (same for all users)

Doc: https://www.gnupg.org/documentation/manuals/gnupg/Unattended-GPG-key-generation.html
Algorithm:
--------------------------------Loop (for each user)--------------------------------------

1. Create a file n_batch with needed data for each user
Example:
%echo Generating a basic OpenPGP key
Key-Type: RSA
Key-Length: 4096
Name-Real: Joe Tester
Name-Comment: with stupid passphrase
Name-Email: [email protected]
Expire-Date: 0
Passphrase: abc
%pubring pubring.pub
%secring secring_n.sec
%commit
%echo done
2. Create the key pair with: "gpg --batch --gen-key n_batch"
------------------------------------End Loop --------------------------------------
3. Edit trust of all public keys
GnuPG doesn't allow non-interactive assignment of maximum trust to a key, so we must:
3.1 Export trust: gpg --export-ownertrust > trust.txt
We get a file like:
BC845F362F255FB343638337C2A61F366D9E0D42: 6:
583B5D91AD2344D8B0EA1F7F0981351E46BF5856: 4:
3.2 Edit the file to assign the value 6 to all keys
3.3 Import trust: gpg --import-ownertrust < trust.txt
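
The whole procedure above as a shell sketch. This is an added example, not the project's own script: the function names, the n_batch and trust.txt file handling and the use of the mail address as the only user ID field are assumptions. It runs the page's gpg commands as written and assumes a GnuPG version that honours %secring (in GnuPG 2.1 and later that statement is a no-op).

```shell
#!/bin/sh
# Added example; function names and file layout are assumptions.

# Print batch parameters for user number $1 from a "mail_address:passphrase" line $2.
make_batch() {
    email=${2%%:*}   # text before the first ':'
    pass=${2#*:}     # everything after it, so a passphrase may contain ':'
    cat <<EOF
%echo Generating key for $email
Key-Type: RSA
Key-Length: 4096
Name-Email: $email
Expire-Date: 0
Passphrase: $pass
%pubring pubring.pub
%secring secring_$1.sec
%commit
%echo done
EOF
}

# Filter for `gpg --export-ownertrust` output: set every key's value to 6,
# keeping comment and blank lines unchanged.
set_max_trust() {
    awk -F: '/^#/ || NF < 2 { print; next }
             { gsub(/[ \t]/, "", $1); print $1 ":6:" }'
}

# Steps 1-3 of the page for the user file given as $1.
main() {
    umask 077                       # batch files hold clear-text passphrases
    n=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue  # skip empty lines
        n=$((n + 1))
        make_batch "$n" "$line" > "${n}_batch"
        gpg --batch --gen-key "${n}_batch"
        rm -f "${n}_batch"          # remove the clear-text batch file
    done < "$1"
    gpg --export-ownertrust | set_max_trust > trust.txt
    gpg --import-ownertrust < trust.txt
}

# Run only when a user file is passed, e.g.: sh make_keys.sh users.txt
if [ "$#" -ge 1 ]; then main "$1"; fi
```

The trust filter only changes keys that already appear in the exported ownertrust list.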