Importing a particular key from a key ring
David Shaw
dshaw at jabberwocky.com
Sat Sep 22 00:30:02 CEST 2001
On Fri, Sep 21, 2001 at 10:42:25PM +0200, Neal H Walfield wrote:
> This gives a little bit of extra output:
>
> neal at bassanio:~ (0)$ gpg --keyring keyring --armor --export \
> > neal at cs.uml.edu | gpg --import
> gpg: keyblock resource `/home/neal/.gnupg/keyring': file open error
> gpg: key 8BAFCDBD: not changed
> gpg: Total number processed: 1
> gpg: unchanged: 1
>
> Note the superfluous error message. When we provide a full path, this
> message is, as expected, elided:
>
> neal at bassanio:~ (0)$ gpg --keyring $PWD/keyring --export \
> > neal at cs.uml.edu | gpg --import
> gpg: key 8BAFCDBD: not changed
> gpg: Total number processed: 1
> gpg: unchanged: 1
>
> If this is a considered to be a security feature, it is, in my
> personal opinion, better that a full path be enforced.
If a keyring specified with --keyring does not have a path, it is
looked for in your homedir (usually ~/.gnupg). In the first example
above, GnuPG expands "keyring" to "/home/neal/.gnupg/keyring", fails,
and finally gets the key to export from your regular (usually
~/.gnupg/pubring.gpg) keyring. In the second example, it is unclear
which keyring GnuPG will get the key to export from, since the key
presumably exists in both.
You can do this:
gpg --no-default-keyring --keyring ./my-keyring --export user at gnu.org | gpg --import
David
--
David Shaw | dshaw at jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 536 bytes
Desc: not available
Url : /pipermail/attachments/20010921/18e9728e/attachment.bin
More information about the Gnupg-devel
mailing list