gpg --gen-key keyring behaviour
dshaw at jabberwocky.com
Sun May 25 07:30:24 CEST 2003
-----BEGIN PGP SIGNED MESSAGE-----
On Sun, May 25, 2003 at 12:24:02PM +1000, zem wrote:
> On Sat, 24 May 2003 12:55 pm, David Shaw wrote:
> > Hmm. Are you sure you are using 1.2.1 ? If so, do you have a
> > "keyring xxx" line in your gpg.conf file? GnuPG will only create a
> > new keyring if it is the first ring specified.
> Ah. Yes, there's a 'keyring' line in my config file. I'm using 1.2.1,
> from the OpenBSD 3.3 ports tree.
> When you say '..the first ring specified', do you mean both the first
> public and the first secret; or just the very first of either type?
Both the first public and the first secret.
> Shouldn't '--no-default-keyring' cause the keyring specified on the
> command line to be considered the first, and subsequently created?
No. --no-default-keyring just undoes the default keyrings. Any
"keyring" options in the gpg.conf file get read next, followed by any
on the command line. If you want to disregard the gpg.conf file, you
need to do --no-options as well.
> I'm calling gpg in batch mode from another application, and trying to
> keep any keys I generate separate from existing keyrings. Am I going
> about it the right way by specifying keyring filenames directly, or
> would it be more appropriate to use --homedir?
Purely depending on what you like. Personally, I'd do it the way you
are doing it as --homedir implies some other stuff (location of
gpg.conf file, location of random seed file) that you don't have to
worry about given your current solution.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Gnupg-devel