Encrypt to a key without importing it to keyring

Seby seby2kt14 at gmail.com
Fri Nov 24 02:02:50 CET 2017


Hello,

Thanks a lot for the reply.

NIIBE Yutaka <gniibe at fsij.org> wrote:
> Seby <seby2kt14 at gmail.com> wrote:
>> Basically use gnupg without a keyring or trustdb. And the pass the armored
>> pgp public key with each command and operation.
>
> AFAIK, such a usage is not supported by GnuPG.
>
> Well, I would imagine some use cases when we want to avoid any
> dependency to specific user's configuration, keyring, and trustdb, of
> his own.
>
> Approximation would be using ephemeral GNUPGHOME.
>
> I mean, starting your GnuPG session (or script) with:
>
>    $ export GNUPGHOME=$(mktemp -p /run/user/$(id -u) -d)
>    $ chmod og-rwx $GNUPGHOME; echo $GNUPGHOME
>
> and remove the $GNUPGHOME after its use.
>
> This is very useful for testing GnuPG, for example.
> --

The use case is that a script encrypts stuff for different public
keys. I don't want to save those public keys to files, then import
them in the keyring, do the operation and then delete from the keyring
because this is a lot of operations plus using files might be
problematic on edge cases.

Am I correct that a way around changing the GNUPGHOME variable is
using the --no-default-keyring argument?

So no way for me to do an operation just by having the public key in
clipboard for example (no saving to file, no import, etc.)?

Seby



More information about the Gnupg-users mailing list