The purpose and origin of the file "pubring.gpg~"

Werner Koch wk at gnupg.org
Sun Jun 8 19:08:41 CEST 2014


On Sat,  7 Jun 2014 18:04, kindaro at gmail.com said:

> once again in the Ubuntu forums, and both times it was dismissed as "well
> it has a tilde in the end, it must be a backup". I don't feel satisfied

Standard Unix pattern for a backup of another file.  Another common
pattern is temporary files which start with ".#".  It is common that
cron jobs remove such files after some time if the program did not do it
due to an unexpected event.

> 1. What purpose does the file serve?

Backup done by gpg while working on the file.

> 2. What is its importance?

None.  It does not make sense to automatically delete it because the
next modification of the file will create a new one.

> 3. What would be the consequence of deleting the file?

None.

> 4. What would be the consequence of sharing the file?

No different from "~/.gnupg/pubring.gpg".  It has the public keys.
However, "~/.gnupg/pubring.gpg~" also stores a cache of key signature
verification results.

> 5. What would be the consequence of having the file stolen by a malicious
> party?

You should not trust your box anymore.  If someone got access to the box,
the box has been compromised.  The public keyring is the least of your
problems.  You need to assume that secret keys are compromised
(~/.gnupg/secring.gpg or ~/.gnupg/private-keys-v1.d/).

> 6. In what way does it relate to some public keys stored in the keyring?

It is a backup of them.  Modification of these files (e.g. adding or
editing keys) works by taking a temporary copy of the file, changing that
file, renaming the original file to pubring.gpg~, and then renaming the
temporary file to pubring.gpg.

> 7. In what way does it relate to some private keys stored in the keyring?

Private keys are not stored there.  However, the secring.gpg is modified
using the same scheme but to minimize the available secret key material
the backup file is deleted.


Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are governed by a federal law.
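
The update scheme described in answers 6 and 7, as an added example that is not part of the original message and is not GnuPG's code. The function name `update_keyring`, the `keep_backup` flag and the placeholder file contents are assumptions made for illustration.

```python
import os
import tempfile


def update_keyring(path, modify, keep_backup=True):
    """Rewrite `path` with modify(old_bytes) using copy-and-rename.

    keep_backup=False models the secring.gpg case from the message: the
    "<name>~" backup is removed so no extra copy of secret material stays.
    Returns the backup path, or None when the backup was deleted.
    """
    directory = os.path.dirname(os.path.abspath(path))
    backup = path + "~"
    # Temporary copy in the same directory, so both renames stay on one
    # filesystem. mkstemp creates it with mode 0600; the ".#" prefix
    # follows the temporary-file naming mentioned in the message.
    fd, tmp = tempfile.mkstemp(prefix=".#", dir=directory)
    try:
        with os.fdopen(fd, "wb") as out, open(path, "rb") as src:
            out.write(modify(src.read()))   # change the copy, not the original
            out.flush()
            os.fsync(out.fileno())          # contents on disk before renaming
    except BaseException:
        os.unlink(tmp)                      # failed update: original untouched
        raise
    os.replace(path, backup)                # original -> "<name>~"
    os.replace(tmp, path)                   # temporary copy -> live file
    if not keep_backup:
        os.unlink(backup)
        return None
    return backup


def demo():
    """Run both cases on constructed placeholder files in a scratch directory."""
    with tempfile.TemporaryDirectory() as home:
        pub = os.path.join(home, "pubring.gpg")
        sec = os.path.join(home, "secring.gpg")
        for name in (pub, sec):
            with open(name, "wb") as f:
                f.write(b"key-A\n")         # constructed stand-in, not real key data
        update_keyring(pub, lambda old: old + b"key-B\n")
        update_keyring(sec, lambda old: old + b"key-B\n", keep_backup=False)
        return sorted(os.listdir(home))


if __name__ == "__main__":
    print(demo())
```

After the run, the public file has a `~` backup holding the previous contents, while the secret file has none.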



