As it stands, the unattended key generation only allows one to have a single subkey specified in the parameter file. It is limited and assumes there can only be one subkey.
However, we know that an OpenPGP smartcard has three slots: for sign, encrypt, and authenticate. For those who wish to have an auth subkey (e.g. to use as an SSH identity), this means the key generation interface is ill-suited for smartcard keys.
Consider this a feature request for the unattended key generation interface in batch mode to support an unlimited number of additional subkeys. I would propose the parameters to be termed Subkey[n]-(Type|Length|Usage) etc. unless someone can think of something more clever.
To create a key meant to be transferred to a smartcard and fill all three slots, it might look something like this:
Key-Type: RSA Key-Length: 4096 Key-Usage: cert,sign Subkey-Type: RSA Subkey-Length: 4096 Subkey-Usage: encrypt Subkey2-Type: RSA Subkey2-Length: 4096 Subkey2-Usage: auth
To illustrate, I wrote a patch that grants me this option; but bear in mind I'm highly amateurish in C and am uncertain of its total correctness. Would greatly appreciate the effort of GnuPG developers towards this feature.
Likewise, this scheme should be supported by the "default-new-key-algo" and/or "default_pubkey_algo" which is currently rsa3072/cert,sign+rsa3072/encr—it should be possible to specify rsa4096/cert,sign+rsa4096/encr+rsa4096/auth.