GPG Home Directory
John Clizbe
John at Mozilla-Enigmail.org
Tue Jan 22 21:04:02 CET 2008
bjr149 wrote:
> I can't seem to get the directory to change where gpg looks for the keyring
> files.
>
> I ran the following
>
> C:\GNUPG>gpg --homedir C:\GNUPG\
> gpg: keyring `C:/GNUPG/\secring.gpg' created
> gpg: keyring `C:/GNUPG/\pubring.gpg' created
> gpg: Go ahead and type your message ...
>
> Then when I run --list-keys it still points to the original directory.
>
> C:\GNUPG>gpg --list-keys
> C:/Documents and Settings/webmethods/Application Data/gnupg\pubring.gpg
> --------------------------------------------------------------------------------
>
>
> What am I doing wrong?

Not telling us your overall goal in changing from the defaults is usually the
first part of that answer - it requires responders to divine your intentions
(I'm low on tea leaves and n00b entrails aren't as easy to obtain as they used
to be).

Using --homedir will require that you specify it each and every time you issue a
gpg command.

Alternatively, you could leave gpg.conf in %APPDATA%\GnuPG and redirect GnuPG to
the alternate location for the keyring and trustdb files. (This is the approach
I use with removable media and IMHO the most sensible.)

Just for reference, here's a relevant chunk of docs\README.W32 (README-W32.txt)
which the installer includes with the binaries:

  Home directory:
  ===============

  GnuPG makes use of a per user home directory to store its keys as well
  as configuration files. The default home directory is a directory
  named "gnupg" below the application data directory of the user. This
  directory will be created if it does not exist. Being only a default,
  it may be changed by setting the name of the home directory into the
  Registry under the key HKEY_CURRENT_USER\Software\GNU\GnuPG using the
  name "HomeDir". If an environment variable "GNUPGHOME" exists, this
  even overrides the registry setting. The command line option
  "--homedir" may be used to override all other settings of the home
  directory.

and the file NEWS (docs\NEWS.txt) in the section for 1.4.1 gives the search
algorithm:

  * [W32] The algorithm for the default home directory changed:
    First we look at the environment variable GNUPGHOME, if this one
    is not set, we check whether the registry entry
    {HKCU,HKLM}\Software\GNU\GnuPG:HomeDir has been set. If this
    fails we use a GnuPG directory below the standard application
    data directory (APPDATA) of the current user. Only in the case
    that this directory cannot be determined, the old default of
    c:\gnupg will be used. The option --homedir still overrides all
    of them.

So to use C:\GNUPG, you may (select one)

a) set a user-level environment variable, GNUPGHOME
b) edit the registry value HKCU\Software\GNU\GnuPG:HomeDir
c) edit the registry to remove any reference to Software\GNU\GnuPG:HomeDir
   in both HKCU and HKLM. It looks like you might need to also remove the
   %APPDATA%\GnuPG directory. Praying the fall through logic never changes
   would probably also be beneficial.

There's not a lot to gain from using C:\GNUPG which is one of the reasons it was
changed for the installer. Ditto the executables in \Program Files\Gnu\GnuPG.
There is, however, an amount to say against using it, especially on a multiuser
machine.

If all you are attempting to do is examine a server process' keyring, you want
to look at the command line options --no-default-keyring and --keyring <file>

--
John P. Clizbe Inet: John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
"what's the key to success?" / "two words: good decisions."
"what's the key to good decisions?" / "one word: experience."
"how do i get experience?" / "two words: bad decisions."
"Just how do the residents of Haiku, Hawai'i hold conversations?"
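
The lookup order quoted in the message above from NEWS (section 1.4.1), modelled as an added example; it is not code from GnuPG or from the post. The function names are hypothetical, the environment and registry are passed in as plain dicts so the logic runs offline, and it assumes HKCU is read before HKLM and that an empty value counts as unset.

```python
from typing import Iterator, Mapping, Optional, Tuple

REG_KEY = r"Software\GNU\GnuPG"   # registry key named in README.W32
REG_VALUE = "HomeDir"             # value name named in README.W32
OLD_DEFAULT = r"c:\gnupg"         # last-resort default named in NEWS

Registry = Mapping[Tuple[str, str, str], str]   # (hive, key, value) -> data


def candidates(env: Mapping[str, str], registry: Registry,
               homedir_opt: Optional[str] = None) -> Iterator[Tuple[str, str]]:
    """Yield (source, path) for every setting present, highest precedence first."""
    if homedir_opt:                       # --homedir overrides everything
        yield "--homedir", homedir_opt
    if env.get("GNUPGHOME"):              # environment beats the registry
        yield "GNUPGHOME", env["GNUPGHOME"]
    # Assumption: HKCU before HKLM, the order NEWS writes "{HKCU,HKLM}".
    for hive in ("HKCU", "HKLM"):
        data = registry.get((hive, REG_KEY, REG_VALUE))
        if data:
            yield f"{hive}\\{REG_KEY}:{REG_VALUE}", data
    if env.get("APPDATA"):                # per-user default below APPDATA
        yield "APPDATA default", env["APPDATA"].rstrip("\\/") + "\\gnupg"
    else:                                 # APPDATA could not be determined
        yield "old default", OLD_DEFAULT


def resolve_homedir(env: Mapping[str, str], registry: Registry,
                    homedir_opt: Optional[str] = None) -> Tuple[str, str]:
    """Return the winning (source, path) pair."""
    return next(candidates(env, registry, homedir_opt))


def shadowed(env: Mapping[str, str], registry: Registry,
             homedir_opt: Optional[str] = None) -> list:
    """Settings that are present but overridden by a higher-precedence one."""
    return list(candidates(env, registry, homedir_opt))[1:]


# Constructed sample mirroring the post: no GNUPGHOME and no registry value,
# so any command run without --homedir falls back to the APPDATA default.
SAMPLE_ENV = {"APPDATA": r"C:\Documents and Settings\webmethods\Application Data"}
SAMPLE_REG: Registry = {}

if __name__ == "__main__":
    print(resolve_homedir(SAMPLE_ENV, SAMPLE_REG, "C:\\GNUPG\\"))  # first command
    print(resolve_homedir(SAMPLE_ENV, SAMPLE_REG))                 # --list-keys
```

Calling `shadowed()` with a populated registry dict lists the settings that would take effect once a higher-precedence one is removed, which is the situation option (c) in the message has to account for.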
More information about the Gnupg-users
mailing list