GnuPG (GPG) Problem

John Clizbe JPClizbe at
Fri Aug 25 09:41:11 CEST 2006

Bo Berglund wrote:
> On Sat, 19 Aug 2006 16:46:07 +0200, Ismael Valladolid Torres
> <ivalladolidt at> wrote:
>>John Clizbe escribe:
>>> Just copy the keyring files.
>>I store my private keyring and a public keyring containing only my
>>public key on a pendrive, then in your gpg.conf:
>>keyring /path/to/pendrive/pubring.gpg
>>secret-keyring /path/to/pendrive/secring.gpg

You should also move the trustdb to the pendrive. First copy it then add the
following line to gpg.conf:

--trustdb-name /path/to/pendrive/trustdb.gpg

> I wonder about the gpg.conf file:
> Is it used at all in Windows?


> I looked at my own one at "C:\Documents and
> Settings\<username>\Application Data\gnupg" and found only commented
> out lines there. The word keyring appeared only twice and this was in
> descriptive text, not in a setting.

The default in the registry is %APPDATA%\GnuPG. That expands to
C:\Documents and Settings\<username>\Application Data\GnuPG". You should
probably store gpg.conf on your pen drive and choose one of the methods below
for overriding the default - that way, you are taking the complete environment
with you on the pen drive.

There are three ways of changing it. In increasing priority
1) Use Regedit.exe, navigate to the key HKCU\Software\Gnu\GnuPG and change the
   HomeDir value

2) set the environment variable GNUPGHOME

3) include --homedir /path/to/pendrive/ on the commnd line each time you
   invoke gpg

This totally portable environment is the approach used by the GPG2GO project.

That sounds like a template gpg.conf. I know one like that ships with the Cygwin

You may wish to check out the page
It contains a sample gpg.conf for windows you may download to your PC:

Its contents are:
default-cert-check-level 3
keyserver-options auto-key-retrieve include-revoked include-subkeys

# If you installed idea.dll, uncomment the following line
# load-extension Lib\idea

Here's mine
comment "When cryptography is outlawed, b25seSBvdXRsYXdzIHdpbGwgdXNlIG"
comment "Be part of the £33t ECHELON -- Use Strong Encryption."
comment "It's YOUR right - for the time being."
# SKS keyserver
# The option lines are one line only. They tend to wrap.
keyserver-options auto-key-retrieve include-subkeys include-revoked
repair-pks-subkey-bug import-clean-sigs import-clean-uids export-clean-sigs
import-options import-local-sigs repair-pks-subkey-bug import-clean-sigs
export-options include-local-sigs export-clean-sigs export-clean-uids
# Not always needed, since self-builts have IDEA hardwired into the binary
#load-extension Lib\idea
keyring	pubring.gpg
primary-keyring	pubring.gpg
secret-keyring	O:\GnuPG\secring.gpg
default-key 0x608D2A10
encrypt-to 0x18BB373A
bzip2-compress-level 9
compress-level 9
no-auto-check-trustdb	# done by cron/scheduled tasks

John P. Clizbe                   Inet:   JPClizbe(a)comcast DOT nyet
Golden Bear Networks             PGP/GPG KeyID: 0x608D2A10
"Be who you are and say what you feel because those who mind don't matter
and those who matter don't mind." - Dr Seuss, "Oh the Places You'll Go"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 662 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060825/3e0ce951/signature-0001.pgp

More information about the Gnupg-users mailing list