1.4.0: Howto verify a signed file quickly - without any --homedir...
Peter Valdemar Mørch
swp5jhu02 at sneakemail.com
Mon Feb 7 13:58:17 CET 2005
Hi there,
My task: I have a public keyring and a signed file. I need to test
whether they verify from a script.
I don't want to use the current user's trust, keyrings or anything. In
fact, the user's home directory may not even be writable by the user.
In gnupg 1.2.5, this worked:
# gpg --always-trust --secret-keyring /dev/null --no-default-keyring
--keyring /my/key.ring --verify /some/file
gpg: Signature made Mon 19 Apr 2004 13:29:53 CEST using DSA key ID 53776FD8
gpg: Good signature from "Somebody <some at where.dk>"
gpg: WARNING: Using untrusted key!
However, in 1.4.0, this gives the following error:
gpg: fatal: can't create directory `/home/user/.gnupg': Permission denied
OK, so I can always do e.g.:
# mkdir /tmp/bogus
# gpg --homedir /tmp/bogus ...
# rm -rf /tmp/bogus
But then I'm spending time creating the bogus directory, initializing a
trust database, only to just delete it afterward. And now I have to take
care not to have two scripts running simultaneously or to use distinct
temporary directory names with all the pitfalls *that* has.
Isn't there a simpler way? (--homedir /dev/null doesn't work! :-D)
Peter
--
Peter Valdemar Mørch
http://www.morch.com
More information about the Gnupg-users
mailing list