Extracting valid content; command line use of --edit-key
mwy-gpg41 at the-youngs.org
Tue Apr 2 01:11:01 CEST 2002
-----BEGIN PGP SIGNED MESSAGE-----
I'm trying to build a script to extract just the valid
keys and names from a keyring, and have run up against
limitations in the batch handling of "--edit-key" commands.
Specifically, if I have a key with several names:
uid:q::::::::bogus <bogus at example.com>:
I'd like to be able to issue the following command:
gpg --batch --edit-key 0x4E2CFFB61B8F6913E44E923BE5ED2A5D040A01BB uid 2
to eliminate one of the dubious names.
Alas, this fails:
gpg: Sorry, we are in batchmode - can't get input.
None of the "--no-tty", "--yes", or "--quiet" switches has an effect.
I've tried using the "--command-fd" switch to no avail. It does
eliminate the message, but that's not all. Depending on the other
switches, it either: exits without saving (with a "Key not changed
so no update needed" message, or nothing at all); or, hangs waiting
for input without a prompt (and then exits without saving after
any input). [In case it matters, and I could see that being the
case here, I've been using the Windows binary for this experimentation.]
Before I get into debugging this, is there another combination
of switches that does what I want? Or have I run across a bug
that has been fixed since the stable 1.0.6? If I do need to
fix it, how do you want it to work?
I'm also open to other solutions to my original problem. If there's
a way to extract the valid subset in the first place, instead of
removing the invalid content, that would be even better. As you
can see, it need not be a single command -- I can live with a script.
[Why do I want to do any of this? I'd like to generate a keyring
for use with programs that have inadequate trust/validity rules;
for example, many remailer clients do no checking whatsoever.
Such a keyring could also be used with GnuPG, using "--always-trust".
I'd like to be able to update the keyring automatically (for example,
via keyserver, e-mail, or web pages), but only pick up valid material.]
Thanks for any help you can offer!
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
-----END PGP SIGNATURE-----
More information about the Gnupg-devel