Howto override "encrypt-to KEYHERE" in gpg.conf?

gpg at trodman.com gpg at trodman.com
Thu Feb 28 14:40:56 CET 2019


I have imported a new / additional primary key (0x2A5D250B1C9BE7D1) to my keyring.

But my default-key in gpg.conf is not changed:
    $ egrep '^(default-key|encrypt-to) ' ~/.gnupg/gpg.conf
    default-key 040B8410C3F36C1E
    encrypt-to 040B8410C3F36C1E

My goal is to run gpg commands that entirely ignore my default-key and encrypt-to key
in ~/.gnupg/gpg.conf.

Consider:

    $ echo hello |gpg2 --encrypt  -v  --default-key gnupg at baz.com  --recipient gnupg at baz.com > /dev/null
    gpg: using subkey 0xAC725930854EA1D6 instead of primary key 0x040B8410C3F36C1E
    gpg: using pgp trust model
    gpg: using subkey 0x6EADCB57CF0962B3 instead of primary key 0x2A5D250B1C9BE7D1
    gpg: automatically retrieved 'gnupg at baz.com' via Local
    gpg: This key belongs to us
    gpg: reading from '[stdin]'
    gpg: writing to stdout
    gpg: RSA/AES256 encrypted for: "0x6EADCB57CF0962B3 Bob S Lorem <gnupg at baz.com>"
    gpg: RSA/AES256 encrypted for: "0xAC725930854EA1D6 Robert S Lorem <WoT at baz.com>"
    $

    [...] Now comment out this line: "encrypt-to 040B8410C3F36C1E" in gpg.conf:
    $ echo hi    |gpg2 --encrypt  -v  --default-key gnupg at baz.com  --recipient gnupg at baz.com > /dev/null
    gpg: using pgp trust model
    gpg: using subkey 0x6EADCB57CF0962B3 instead of primary key 0x2A5D250B1C9BE7D1
    gpg: automatically retrieved 'gnupg at baz.com' via Local
    gpg: This key belongs to us
    gpg: reading from '[stdin]'
    gpg: writing to stdout
    gpg: RSA/AES256 encrypted for: "0x6EADCB57CF0962B3 Bob S Lorem <gnupg at baz.com>"
    $

How can I change the "echo hi ..." pipeline above and get the same results
without editing ~/.gnupg/gpg.conf?

--
thanks,
Tom
--
The primary private (secret) keys are saved offline, and not present in ~/.gnupg.
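
Added example, not part of the original post: GnuPG documents a --no-encrypt-to option that disables all encrypt-to keys for a single invocation. The sketch below checks the "encrypted for" lines of gpg -v output against the key IDs you intended. The function name extra_recipients is hypothetical, and the sample input is constructed from the two runs shown above.

```shell
#!/bin/sh
# Constructed samples: "encrypted for" lines taken from the two runs in the post.
SAMPLE_WITH_ENCRYPT_TO='gpg: using pgp trust model
gpg: writing to stdout
gpg: RSA/AES256 encrypted for: "0x6EADCB57CF0962B3 Bob S Lorem <gnupg at baz.com>"
gpg: RSA/AES256 encrypted for: "0xAC725930854EA1D6 Robert S Lorem <WoT at baz.com>"'

SAMPLE_WITHOUT_ENCRYPT_TO='gpg: using pgp trust model
gpg: writing to stdout
gpg: RSA/AES256 encrypted for: "0x6EADCB57CF0962B3 Bob S Lorem <gnupg at baz.com>"'

# extra_recipients KEYID...
# Reads gpg -v output on stdin and prints every key ID the message was
# encrypted for that is NOT among the KEYID arguments (a leading 0x and
# letter case are ignored). Returns 1 if any unexpected recipient is found.
extra_recipients() {
    awk -v allowed="$*" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) {
                k = a[i]; sub(/^0[xX]/, "", k); ok[toupper(k)] = 1
            }
        }
        /^gpg: .*encrypted for: "/ {
            id = $0
            sub(/^.*encrypted for: "/, "", id)   # drop everything before the key ID
            sub(/[ "].*$/, "", id)               # drop the user ID that follows it
            sub(/^0[xX]/, "", id)
            id = toupper(id)
            if (!(id in ok)) { print id; bad = 1 }
        }
        END { exit bad + 0 }
    '
}

# Demo on the constructed samples (the first run leaks the encrypt-to subkey).
printf '%s\n' "$SAMPLE_WITH_ENCRYPT_TO" | extra_recipients 0x6EADCB57CF0962B3 \
    || echo "first run: unexpected recipient(s) listed above"
printf '%s\n' "$SAMPLE_WITHOUT_ENCRYPT_TO" | extra_recipients 0x6EADCB57CF0962B3 \
    && echo "second run: only the intended recipient"

# Against a live gpg (stderr carries the -v lines, ciphertext is discarded):
#   echo hi | gpg2 --encrypt -v --no-encrypt-to --recipient 0x6EADCB57CF0962B3 \
#       2>&1 >/dev/null | extra_recipients 0x6EADCB57CF0962B3
```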


