Using the "clean" function (and the "PGP Global Directory")

David Shaw dshaw at
Wed Jun 23 06:44:30 CEST 2010

On Jun 23, 2010, at 12:03 AM, Dan Mahoney, System Admin wrote:

>>> Are you sure about that?  "clean" strips off useless signatures (useless being defined as an invalid signature, a superseded signature, a revoked signature, and a signature from a key that isn't present on the keyring). Signatures from keys that are present, but have no trust value are not stripped off.
>> Let me double check.  I saw it earlier today when transferring my work sig to my personal one.  But it might just have been that my coworkers did not have sigs present.  It's entirely possible I mangled the windows.
> Yup, that's what happened.  I had imported my work key to my personal machine, but didn't have the keys of all my coworkers on my personal box, so "clean" decided to be helpful.
> I pulled it off the keyserver again, and then pulled down the keys of all my coworkers, and was good.

Ah, good.  I'm glad.

> On a related subject, is there a way to say "pull down the keys of all keyids who have signed key X"?

Not directly, but you can do something like this:

   gpg --recv-keys `gpg --with-colons --fixed-list-mode --list-sigs $THE_KEY | egrep '^sig:' | cut -f5 -d: | sort -u`


More information about the Gnupg-users mailing list