GPG Home Directory

John Clizbe John at Mozilla-Enigmail.org
Tue Jan 22 21:04:02 CET 2008


bjr149 wrote:
> I can't seem to get the directory to change where gpg looks for the keyring
> files.
> 
> I ran the following
> 
> C:\GNUPG>gpg --homedir C:\GNUPG\
> gpg: keyring `C:/GNUPG/\secring.gpg' created
> gpg: keyring `C:/GNUPG/\pubring.gpg' created
> gpg: Go ahead and type your message ...
> 
> Then when I run --list-keys its still points to the original directory.
> 
> C:\GNUPG>gpg --list-keys
> C:/Documents and Settings/webmethods/Application Data/gnupg\pubring.gpg
> --------------------------------------------------------------------------------
> 
> 
> What am I doing wrong?

Not telling us your overall goal in changing from the defaults is usually the
first part of that answer - it requires responders to divine your intentions
(I'm low on tea leaves and n00b entrails aren't as easy to obtain as they used
to be).

Using --homedir will require that you specify it each and every time you issue a
gpg command.

Alternatively, you could leave gpg.conf in %APPDATA%\GnuPG and redirect GnuPG to
the alternate location for the keyring and trustdb files. (This is the approach
I use with removable media and IMHO the most sensible.)

Just for reference, here's a relevant chunk of docs\README.W32 (README-W32.txt)
which the installer includes with the binaries:
  Home directory:
  ===============
  GnuPG makes use of a per user home directory to store its keys as well
  as configuration files.  The default home directory is a directory
  named "gnupg" below the application data directory of the user.  This
  directory will be created if it does not exist.  Being only a default,
  it may be changed by setting the name of the home directory into the
  Registry under the key HKEY_CURRENT_USER\Software\GNU\GnuPG using the
  name "HomeDir".  If an environment variable "GNUPGHOME" exists, this
  even overrides the registry setting.  The command line option
  "--homedir" may be used to override all other settings of the home
  directory.

and the file NEWS (docs\NEWS.txt) in the section for 1.4.1 gives the search
algorithm:
  * [W32] The algorithm for the default home directory changed:
    First we look at the environment variable GNUPGHOME, if this one
    is not set, we check whether the registry entry
    {HKCU,HKLM}\Software\GNU\GnuPG:HomeDir has been set. If this
    fails we use a GnuPG directory below the standard application
    data directory (APPDATA) of the current user. Only in the case
    that this directory cannot be determined, the old default of
    c:\gnupg will be used.  The option --homedir still overrides all
    of them.

So to use C:\GNUPG, you may (select one)
  a) set a user-level environment variable, GNUPGHOME
  b) edit the registry value HKCU\Software\GNU\GnuPG:HomeDir
  c) edit the registry to remove any reference to Software\GNU\GnuPG:HomeDir
     in both HKCU and HKLM. It looks like you might need to also remove the
     %APPDATA%\GnuPG directory. Praying the fall through logic never changes
     would probably also be beneficial.

There's not a lot to gain from using C:\GNUPG which is one of the reasons it was
changed for the installer. Ditto the executables in \Program Files\Gnu\GnuPG.
There is, however, an amount to say against using it, especially on a multiuser
machine.

If all you are attempting to do is examine a server process' keyring, you want
to look at the command line options --no-default-keyring and --keyring <file>

-- 
John P. Clizbe                      Inet:   John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
"what's the key to success?"        / "two words: good decisions."
"what's the key to good decisions?" /  "one word: experience."
"how do i get experience?"          / "two words: bad decisions."

"Just how do the residents of Haiku, Hawai'i hold conversations?"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 658 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20080122/d7e946f4/attachment.pgp>


More information about the Gnupg-users mailing list