--secret-keyring alternative for gpg 2.1

Guilhem Moulin guilhem at fripost.org
Mon Dec 29 14:36:56 CET 2014

Hi list,

--secret-keyring has been obsoleted in the 2.1 branch, and all secret
keys are stored in ${GNUPGHOME:-~/.gnupg}/private-keys-v1.d instead.
Unfortunately, that breaks tools like caff(1) (from the Debian package
signing-party), which have their own GnuPG Home for configuration file
and public keyring but use the default secret keyring for signing.

    gpg --homedir=$HOME/.caff/gnupghome --secret-keyring=${GNUPGHOME:-~/.gnupg}/secring.gpg

AFAICT the only fix is to symlink ~/.caff/gnupghome/private-keys-v1.d
to ${GNUPGHOME:-~/.gnupg}/private-keys-v1.d .  It'd be better if
--secret-keyring (or a new option) could be used to specify the
directory in which secret keys are stored, e.g.,

    gpg2 --homedir=$HOME/.caff/gnupghome --secret-keydir=${GNUPGHOME:-~/.gnupg}/private-keys-v1.d

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: </pipermail/attachments/20141229/e413161e/attachment.sig>

More information about the Gnupg-devel mailing list