Importing a particular key from a key ring

David Shaw dshaw@jabberwocky.com
Fri Sep 21 23:30:02 2001 

--uAKRQypu60I7Lcqm
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Sep 21, 2001 at 10:42:25PM +0200, Neal H Walfield wrote:


> This gives a little bit of extra output:

>=20

>         neal@bassanio:~ (0)$ gpg --keyring keyring --armor --export \

>         > neal@cs.uml.edu | gpg --import

>         gpg: keyblock resource `/home/neal/.gnupg/keyring': file open err=

or

>         gpg: key 8BAFCDBD: not changed

>         gpg: Total number processed: 1

>         gpg:              unchanged: 1

>=20

> Note the superfluous error message.  When we provide a full path, this

> message is, as expected, elided:

>=20

>         neal@bassanio:~ (0)$ gpg --keyring $PWD/keyring --export \

>         > neal@cs.uml.edu | gpg --import

>         gpg: key 8BAFCDBD: not changed

>         gpg: Total number processed: 1

>         gpg:              unchanged: 1

>=20

> If this is a considered to be a security feature, it is, in my

> personal opinion, better that a full path be enforced.


If a keyring specified with --keyring does not have a path, it is
looked for in your homedir (usually ~/.gnupg).  In the first example
above, GnuPG expands "keyring" to "/home/neal/.gnupg/keyring", fails,
and finally gets the key to export from your regular (usually
~/.gnupg/pubring.gpg) keyring.  In the second example, it is unclear
which keyring GnuPG will get the key to export from, since the key
presumably exists in both.

You can do this:

    gpg --no-default-keyring --keyring ./my-keyring --export user@gnu.org |=
 gpg --import

David

--=20
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+--------------------------------------------------------------------------=
-+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

--uAKRQypu60I7Lcqm
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iQEVAwUBO6uw5Yccwqs8s7QVAQH+Ogf9EtP1JvSzu70lr1CnQLTLY5WDzolJpErF
BG/wusutw/3QqeT1VHnIn8WJ/l3qE8o6+4B4wWRpFoZMrvyvM5YqP1hU4ghzh54g
JeiL81t7XQNhpwKqC3wcHpZeb+4nkAJuSeNXaBNTUeLmtyeb8GyttmeyCx4Z1iHg
Ux7TalFEFa4fC2kAvwtiEvdzkkBCX5mDIwnTuH8bYerrkuNZLK0aJ4Iu32/encny
ZHFWFA4obCTFHxYpS5XkmjERFsJ4Kk0u35BPJOI0XG3OwHZCDCMS09W7JR8i0AcW
Gs2CzuTBnc2r/6TXV/9v4RhP0qiJv8p25UChiOgNMLGrp1cLaF1dOw==
=d2aj
-----END PGP SIGNATURE-----

--uAKRQypu60I7Lcqm--