Migration assistant
Robert J. Hansen
rjh at sixdemonbag.org
Tue Feb 23 02:38:29 CET 2016
I'm dusting off an old set of scripts that I used to use for migrating
GnuPG instances from one machine to another. I have to revisit some of
the logic to update it for GnuPG 2.1. I know roughly what should be
here, but before I update the code and share it with the world I'd like
to have it *precisely* correct.
In GNUPG_HOME ($HOME/.gnupg, or %APPDIR%/GnuPG):
gpg-agent.conf
gpg.conf
pubring.gpg
secring.gpg
trustdb.gpg
pubring.kbx
sshcontrol
crls.d/*
openpgp-revocs.d/CUSTOM_LOGIC_1
private-keys-v1.d/CUSTOM_LOGIC_2
CUSTOM_LOGIC_1:
Iterate over all files in this directory
If the filename could be a SHA-1 hexadecimal hash:
If the filename ends in ".rev":
If the file contents contains a line with ":-----BEGIN
PGP PUBLIC KEY BLOCK-----":
Flag this file for inclusion in the archive
CUSTOM_LOGIC_2:
Iterate over all files in this directory
If the filename could be a SHA-1 hexadecimal hash:
If the filename ends in ".key":
Flag this file for inclusion in the archive
Do I have this correct? Are there any files that I'm missing? Is there
any better logic I can use for the contents of the crls.d/ subdirectory
except "better grab everything, I guess"?
More information about the Gnupg-users
mailing list