From an strace of a running seahorse process (i used "strace -f -s4096 seahorse"), i get this output during the key creation of a key that is ostensibly "RSA (Sign-Only)":
[...]
11214 execve("/usr/bin/gpg", ["gpg", "--batch", "--no-sk-comment",
"--lc-messages", "C", "--lc-ctype", "C", "--status-fd", "16", "--no-tty",
"--charset", "utf8", "--enable-progress-filter", "--display", "localhost:11.0",
"--ttyname", "/dev/pts/10", "--ttytype", "rxvt", "--gen-key"], [/* 19 vars */])
= 0
[...]
11214 <... read resumed> "Key-Type: RSA\nKey-Length: 2048\nName-Comment: DO NOT
USE!!!\nName-Email: [EMAIL PROTECTED]: Test User\nExpire-Date: 0\nPassphrase:
abc\n"..., 8192) = 140
[...]
So the problem appears to be that the --batch --gen-key process is
being handed a script without a Key-Usage: instruction.
From /usr/share/doc/gnupg/DETAILS.gz:
Key-Usage: <usage-list>
Space or comma delimited list of key usage, allowed values are
"encrypt", "sign", and "auth". This is used to generate the
key flags. Please make sure that the algorithm is capable of
this usage. Note that OpenPGP requires that all primary keys
are capable of certification, so no matter what usage is given
here, the "cert" flag will be on. If no Key-Usage is
specified, all the allowed usages for that particular
algorithm are used.
Hope this is helpful,
--dkg
pgpxnMXkBnfKr.pgp
Description: PGP signature
