gpg --batch --yes --edit-key trust

David Smith Dave.Smith at
Fri Jul 23 12:48:00 CEST 2010

mark at wrote:
> I need to be able to ultimately trust a public key in batch mode, that I
> have downloaded automatically with wget from an internal server over HTTPS.
> I don't want to do --trust-model always, apart from the fact I want to
> use a trusted key anyway, gpg --trust-model always --verify displays a
> gratuitous warning "gpg: WARNING: Using untrusted key!".
> So how do I get gpg --batch --yes --edit-key trust to work?  I would
> have expected an option like --trust-level 5 that would allow the level
> of trust to be selected in batch mode.
> So far I've considered using Expect to fill in the interactive fields
> (but this feels like using a sledgehammer to crack a nut, it has so many
> library dependencies), or modifying the source code to add the needed
> option.  Can anyone think of another way of achieving the same goal?

I think that you might be confusing "trust" with "validity".

If you want it to blindly encrypt data using a key that it's downloaded
from a keyserver without you having signed it (or without it being
declared valid by the web-of-trust), then you can use "--always-trust"
when doing the encryption.

More information about the Gnupg-users mailing list