Join Log in
Score:0
cliusz avatar Server

How to expand the expiration of gpg subkey while it had expired in shell script?

bq flag
cliusz

It is Nov 27, 2022 now. The environment is below:

user@domain:~$ date
Sun Nov 27 00:32:12 HKT 2022
user@domain:~$ gpg -K --keyid-format long --with-fingerprint --with-subkey-fingerprint --with-keygrip user
sec   rsa4096/CCCCCCCCCCCCCCCC 2022-03-31 [C] [expires: 2022-11-30]
      Key fingerprint = BBBB BBBB BBBB BBBB BBBB  BBBB BBBB BBBB BBBB BBBB
      Keygrip = DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
uid                 [ultimate] Chen LIU (first on nested) <[email protected]>

user@domain:~$ gpg --edit-key user quit
gpg (GnuPG) 2.2.12; Copyright (C) 2018 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec  rsa4096/CCCCCCCCCCCCCCCC
     created: 2022-03-31  expires: 2022-11-30  usage: C   
     trust: ultimate      validity: ultimate
ssb  ed25519/AAAAAAAAAAAAAAAA
     created: 2022-03-31  expired: 2022-04-29  usage: A   
ssb  ed25519/SSSSSSSSSSSSSSSS
     created: 2022-03-31  expired: 2022-04-28  usage: S   
ssb  cv25519/EEEEEEEEEEEEEEEE
     created: 2022-03-31  expired: 2022-04-27  usage: E   
[ultimate] (1). Testuser (first on nested) <[email protected]>

user@domain:~$

I know in interactive mode to do as below:

user@domain:~$ gpg --edit-key email
...
gpg> key 2
gpg> expire
Changing expiration time for a subkey.
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 3
Key expires at Wednesday, November 30, 2022 AM12:46:14 HKT
Is this correct? (y/N) y
...
gpg> save
user@domain:~$ gpg -K --keyid-format long --with-fingerprint --with-subkey-fingerprint --with-keygrip email
sec   rsa4096/CCCCCCCCCCCCCCCC 2022-03-31 [C] [expires: 2022-11-30]
      Key fingerprint = BBBB BBBB BBBB BBBB BBBB  BBBB BBBB BBBB BBBB BBBB
      Keygrip = DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
uid                 [ultimate] Testuser (first on nested) <[email protected]>
ssb   ed25519/SSSSSSSSSSSSSSSS 2022-03-31 [S] [expires: 2022-11-29]
      Key fingerprint = FFFF FFFF FFFF FFFF FFFF  FFFF FFFF FFFF FFFF FFFF
      Keygrip = GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

BUT How to expand the expiration of Sign subkey in shell script?

  1. how to get the output result of gpg --edit-key email?
  2. how to put "key 2", "expire", "3", "y", "save" into gpg?

While the sign subkey is not expired, it can showed in gpg -K. I can:

gpg --quick-set-expire "BBBB BBBB BBBB BBBB BBBB  BBBB BBBB BBBB BBBB BBBB" 2022-11-29 "FFFF FFFF FFFF FFFF FFFF  FFFF FFFF FFFF FFFF FFFF"
111
0 + 1
gpg
dave_thompson_085 avatar
jp flag
dave_thompson_085
To include expired (or revoked) in `--list-keys/-k --list-secret-keys/-K` use `--list-options show-unusable-subkeys`
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.