gpg --gen-key keyring behaviour

zem zem at vigilant.tv
Fri May 23 12:42:03 CEST 2003


The Unix version of GnuPG 1.2.1 appears to ignore the 
--no-default-keyring and --keyring directives when generating a key.  
'--secret-keyring' seems to work, but the public key is written to the 
default keyring, rather than the one specified on the command line - at 
least in the case where the specified public keyring does not yet 
exist:

$ gpg --no-default-keyring --secret-keyring test.sec --keyring test.pub 
-vv --gen-key
[...]
gpg: keyring `/home/zem/.gnupg/test.sec' created
gpg: keyblock resource `/home/zem/.gnupg/test.pub': file open error
[...]
gpg: writing public key to `/home/zem/.gnupg/pubring.gpg'
gpg: writing secret key to `/home/zem/.gnupg/test.sec'

I get similar results in batch keygen mode, whether or not I use the 
'%pubring' and '%secring' directives.

Is this a bug or a feature?  Am I missing something?


Also, I think I've discovered a bug in batch mode key generation with 
the win32 client 1.2.2.  If I specify a secret keyring with '%secring', 
--gen-key overwrites existing keys in that keyring.  Removing the 
'%pubring' and '%secring' directives and using '--no-default-keyring', 
'--keyring' and '--secret-keyring' instead, fixes the problem - the 
win32 client doesn't ignore these.

I couldn't find this mentioned in the bug tracking database.  Is it a 
known problem?  I can provide test data to reproduce the behaviour if 
it helps.


-- 
mailto:zem at vigilant.tv F289 2BDB 1DA0 F4C4 DC87 EC36 B2E3 4E75 C853 FD93
http://vigilant.tv/    "..I'm invisible, I'm invisible, I'm invisible.." 






More information about the Gnupg-devel mailing list