[tor-dev] possible to run --keygen non-interactively?
s7r
s7r at sky-ip.org
Sun Nov 15 15:17:34 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
The "Enter passphrase" request when manually calling --keygen is
optional, not mandatory. If you just leave it blank and proceed it
will just create an unencrypted master identity key.
On 11/14/2015 10:18 AM, nusenu wrote:
> Hi,
>
> is there a way to use tor --keygen non-interactively?
>
> background: I might want to integrate offline master key
> functionality into ansible-relayor [1]. The basic idea is to
> generate the master keys on the ansible client and push only the
> required signing keys to the relays (master keys never touch the
> relay). Since every step should be automated, master keys will not
> be passphrase protected. I consider unprotected (no passphrase)
> offline master keys still a lot better than online master keys, but
> currently I don't know how to generate master keys without
> passphrase in an non-interactive way (--keygen asks for the
> passphrase when generating a new key).
>
> If that is not possible (out of the box) yet, would you consider a
> feature request, lets call it '--nopass' that can be used with
> --keygen to generate new keys without passphrase? (a more general
> approach would probably be to have --passphrase <passprase> but
> doing so would potentially write your passphrase to your shell
> history file).
>
>
> thanks!
>
>
>
>
>
>
>
>
>
> [1] https://github.com/nusenu/ansible-relayor
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBCAAGBQJWSKINAAoJEIN/pSyBJlsR4FQH/1OpXMm2tQZ4R8jk3qiskCdB
PJvnPd2PpC5drh7jCRa8Z90TuJClx8j4XJ5YnoAswM01il7DSLDOzXMVeSbygKcb
aE+clhLe1JkO3lODxVGe+4arkhK1JR00/0Dlh6zKG9EtdB1bWeQ8J9E0z9qOt+R4
AR5ov5ezq2NlICpHDUEZwvKDWdhavKtJxeR6xZ9Yn6EQU4/iZeb/MBgSmdCsLflY
HEC7eK3doseXlZPtjYSL2bRPbSvbUJMLSAcN75M09vhgWfdKXDl+MDyinN/hF9gp
/ILJ4p0NZtY8VPnrve14CGalQ4XC+oeJv8OY8Kpwy6vWCwf6N5Q6FhjawhxMikU=
=UvRo
-----END PGP SIGNATURE-----
More information about the tor-dev
mailing list