security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

gpg: New option --forbid-gen-key.

Browse source 
* g10/gpg.c (oForbidGenKey, opts): New option.
(mopt): New local struct
(gen_key_forbidden): New.
(main): Set and handle the option.
--

In large system installation it is sometimes useful to make it a bit
harder for users to generate their own keys.  An example is a policy
to not use on-disk keys.
This commit is contained in:
Werner Koch 2021-11-22 20:59:22 +01:00
parent b091a250d1
commit c397ba3ac0
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
2 changed files with 46 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

6
doc/gpg.texi
View file

@ -3635,6 +3635,12 @@ This option modifies the behaviour of the commands
sub-commands of @option{--edit-key} by forcing the creation of a key
signature, even if one already exists.
@item --forbid-gen-key
@opindex forbid-gen-key
This option is intended for use in the global config file to disallow
the use of generate key commands. Those commands will then fail with
the error code for Not Enabled.
@item --allow-secret-key-import
@opindex allow-secret-key-import
This is an obsolete option and is not used anywhere.