fingerprint of key

Todd Zullinger tmz at pobox.com
Mon Aug 14 21:09:22 CEST 2017


Daniel Kahn Gillmor wrote:
> with more modern versions of gnupg, you can just use:
>
>    gpg --with-fingerprint --import-options show-only --import < public-key-file.asc

FWIW, I've used "gpg --with-fingerprint public-key-file.asc" for what 
seems like years to do this sort of quick fingerprint check of keys. 
It's particularly handy with linux distribution package signing keys, 
which are typically not something I have any need to import to my 
keyring.

On a fedora-25 system:

    $ gpg --version
    gpg (GnuPG) 1.4.22

    $ gpg --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-25-primary
    pub  4096R/FDB19C98 2016-03-31 Fedora 25 Primary (25) <fedora-25-primary at fedoraproject.org>
          Key fingerprint = C437 DCCD 558A 66A3 7D6F  4372 4089 D8F2 FDB1 9C98

    $ gpg2 --version
    gpg (GnuPG) 2.1.13

    $ gpg2 --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-25-primary
    pub   rsa4096 2016-03-31 [SCE]
          C437 DCCD 558A 66A3 7D6F  4372 4089 D8F2 FDB1 9C98
    uid           Fedora 25 Primary (25) <fedora-25-primary at fedoraproject.org>


I haven't looked at the documentation for --with-fingerprint in a 
while, but it does seem like it's at least leaving out some details 
regarding its use on key files which are not imported.

I have no idea whether those differences are intended and should 
simply be documented or it's considered a bug that --fingerprint and 
--with-fingerprint differ in handling unimported keys.

Also, both 2.1.13 on fedora 25 and 2.1.22 on fedora rawhide, the 
command above complains about the show-only option:

    $ gpg2 --version
    gpg (GnuPG) 2.1.22

    $ gpg2 --with-fingerprint --import-options show-only --import < /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-25-primary
    gpg: unknown option 'show-only'
    gpg: invalid import options

Is there a typo in that command or is show-only not in the latest 
release of the 2.1 branch?

-- 
Todd
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The most overlooked advantage to owning a computer is that if they
foul up, there's no law against whacking them around a little.
    -- Eric Porterfield

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 543 bytes
Desc: not available
URL: </pipermail/attachments/20170814/7edc2155/attachment.sig>


More information about the Gnupg-users mailing list