Exporting only trusted public keys

Jeff McAdams jeffm@iglou.com
Thu Aug 21 01:00:01 2003

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Also Sprach Neil Williams Content-Description: signed data
>On Wednesday 20 Aug 2003 10:33 pm, Neil Williams wrote:
>> With a keyring of >400 now, I know that I have approx 150 completely
>> redundant keys in the keyring - usually keys imported to validate
>> one-off emails or wrongly imported to try and form a web of trust.
>> These show up in KGPG as Trust:?

>After a little thought, I came up with these commands:
>1. Retrieve details of only trusted keys:
>$ gpg --list-keys --with-colons | grep "pub:[u|f|m]:" > trusted.txt
>2. use perl to obtain the 16character keyid form:
>$ cat trusted.txt | perl -e 'while (<>) { $_ =3D~ /([A-Z0-9]{16})/;print "=
$1 "}'=20
>> export.txt
>3. Export each keyid into one keyring.
>$ cat export.txt | perl -e 'while(<>){`gpg -a --output trusted.gpg --expor=

Just an attempt to help out...

The above, essentially munged into a single pipeline.

gpg --list-keys --with-colons | grep "^pub:[u|f|m]:" | cut -f5 -d":" | \
xargs gpg -a --export | gpg --import --nodefault-keyring --keyring \

Replace "/tmp/foo.gpg" with the destination keyring, of course.

This also eliminates the use of perl in the pipeline, while
accomplishing the same thing and also eliminates the use of the
intermediate temporary files.

FWIW.  Do what you will with that.  :)
Jeff McAdams
"He who laughs last, thinks slowest." -- anonymous

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.2 (GNU/Linux)