How to specify ca-cert-file as a path relative to ~? (was: It's more GNU/Linux than GnuPG)
amuza
amuza at riseup.net
Wed Feb 20 13:15:00 CET 2019
amuza:
>
>
> Friedhelm Waitzmann:
>>> I have two GNU/Linux computers syncing their ~/.gnupg directories.
>>> "alice" is my username in one computer, "bob" is my username in the
>>> other one.
>>
>>> I have a CA certificate stored in my home directory of both computers,
>>> and would like to keep it there.
>>
>>> Into the ~/.gnupg/gpg.conf file, I wrote the following line pointing to
>>> that CA cert:
>>
>>> keyserver-options ca-cert-file=~/keyserverCA.pem
>>
>>> But that line does not seem to work because of "~".
>>
>>> Everything works ok in one computer if I write:
>>
>>> keyserver-options ca-cert-file=/home/alice/keyserverCA.pem
>>
>>> and in the other computer if I write:
>>
>>> keyserver-options ca-cert-file=/home/bob/keyserversCA.pem
>>
>>> But then, by specifying names, when syncing, that line won't work in one
>>> of the two computers because of the usernames.
>>
>>> Is there any way to specify "user" without writing their name?
>>
>>> Any other suggestion?
>>
>> Just guessing: How about specifying the file as a path relative
>> to the .gnupg directory?
>>
>> (1)
>> keyserver-options ca-cert-file=../keyserversCA.pem
>>
>> or
>>
>> (2)
>> In the .gnupg directory create a symbolic link pointing to ..:
>> $ ln -s .. ~/.gnupg/homedir
>> Then set ca-cert-file to homedir/keyserversCA.pem:
>> keyserver-options ca-cert-file=homedir/keyserversCA.pem
>>
>
> Hey Friedhelm, thanks a lot!
> Suggestion 2 worked!!
>
> Thank you Werner too.
>
Hi again,
I was wrong, suggestion 2 does not work either.
I have tried with
(1)
keyserver-options ca-cert-file=../keyserversCA.pem
(2)
keyserver-options ca-cert-file=symlink_to_home/keyserversCA.pem
(3)
keyserver-options ca-cert-file=$HOME/keyserverCA.pem
I also tried moving the certificate into ~/.gnupg/ and did:
(4)
keyserver-options ca-cert-file=keyserverCA.pem
(5)
keyserver-options ca-cert-file=./keyserverCA.pem
None of them works. Any other suggestion without writing the full path?
I would like it to work for both Alice and Bob, but would like to keep
the certificate into the home directory.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190220/c081ca53/attachment.sig>
More information about the Gnupg-users
mailing list