Exporting only trusted public keys
Jeff McAdams
jeffm@iglou.com
Thu Aug 21 01:00:01 2003
--SLDf9lqlvOQaIe6s
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Also Sprach Neil Williams Content-Description: signed data
>On Wednesday 20 Aug 2003 10:33 pm, Neil Williams wrote:
>> With a keyring of >400 now, I know that I have approx 150 completely
>> redundant keys in the keyring - usually keys imported to validate
>> one-off emails or wrongly imported to try and form a web of trust.
>> These show up in KGPG as Trust:?
>After a little thought, I came up with these commands:
>1. Retrieve details of only trusted keys:
>$ gpg --list-keys --with-colons | grep "pub:[u|f|m]:" > trusted.txt
>
>2. use perl to obtain the 16character keyid form:
>$ cat trusted.txt | perl -e 'while (<>) { $_ =3D~ /([A-Z0-9]{16})/;print "=
$1 "}'=20
>> export.txt
>
>3. Export each keyid into one keyring.
>$ cat export.txt | perl -e 'while(<>){`gpg -a --output trusted.gpg --expor=
t=20
>$_`;}'
Just an attempt to help out...
The above, essentially munged into a single pipeline.
gpg --list-keys --with-colons | grep "^pub:[u|f|m]:" | cut -f5 -d":" | \
xargs gpg -a --export | gpg --import --nodefault-keyring --keyring \
/tmp/foo.gpg
Replace "/tmp/foo.gpg" with the destination keyring, of course.
This also eliminates the use of perl in the pipeline, while
accomplishing the same thing and also eliminates the use of the
intermediate temporary files.
FWIW. Do what you will with that. :)
--=20
Jeff McAdams
"He who laughs last, thinks slowest." -- anonymous
--SLDf9lqlvOQaIe6s
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iEYEARECAAYFAj9D/eYACgkQXkUmzpmSrfyauQCguOCL29rfcKP5c0M2O53u/X3f
zj4An2LvNGWPyE7pkb8wAfJqsLcBCcXH
=NzGU
-----END PGP SIGNATURE-----
--SLDf9lqlvOQaIe6s--