-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 The "Enter passphrase" request when manually calling --keygen is optional, not mandatory. If you just leave it blank and proceed it will just create an unencrypted master identity key.
On 11/14/2015 10:18 AM, nusenu wrote: > Hi, > > is there a way to use tor --keygen non-interactively? > > background: I might want to integrate offline master key > functionality into ansible-relayor [1]. The basic idea is to > generate the master keys on the ansible client and push only the > required signing keys to the relays (master keys never touch the > relay). Since every step should be automated, master keys will not > be passphrase protected. I consider unprotected (no passphrase) > offline master keys still a lot better than online master keys, but > currently I don't know how to generate master keys without > passphrase in an non-interactive way (--keygen asks for the > passphrase when generating a new key). > > If that is not possible (out of the box) yet, would you consider a > feature request, lets call it '--nopass' that can be used with > --keygen to generate new keys without passphrase? (a more general > approach would probably be to have --passphrase <passprase> but > doing so would potentially write your passphrase to your shell > history file). > > > thanks! > > > > > > > > > > [1] https://github.com/nusenu/ansible-relayor -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBCAAGBQJWSKINAAoJEIN/pSyBJlsR4FQH/1OpXMm2tQZ4R8jk3qiskCdB PJvnPd2PpC5drh7jCRa8Z90TuJClx8j4XJ5YnoAswM01il7DSLDOzXMVeSbygKcb aE+clhLe1JkO3lODxVGe+4arkhK1JR00/0Dlh6zKG9EtdB1bWeQ8J9E0z9qOt+R4 AR5ov5ezq2NlICpHDUEZwvKDWdhavKtJxeR6xZ9Yn6EQU4/iZeb/MBgSmdCsLflY HEC7eK3doseXlZPtjYSL2bRPbSvbUJMLSAcN75M09vhgWfdKXDl+MDyinN/hF9gp /ILJ4p0NZtY8VPnrve14CGalQ4XC+oeJv8OY8Kpwy6vWCwf6N5Q6FhjawhxMikU= =UvRo -----END PGP SIGNATURE----- _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
