gpg --verify in batch mode / how to require a trust level?
gbernd at gmx.de
gbernd at gmx.de
Tue Jan 18 16:19:27 CET 2022
Hi,
for a backup integrity protection, I want to add a signature check to
the restore script to reject the backup files that are not properly
signed. So far, so good.
#$ gpg --verify backup.tar.sig
#$ if [ $? -ne 0 ]; then echo "backup is not properly signed!"; exit 1; fi
#$ tar xzvf backup.tar
Now, I find that `gpg --verify` produces a return code rc=0 when there
is a public key in my keyring that I once added, even though I never
declared that I trust this key.
How can I require `gpg --verify` to only accept keys from my keyring
with a certain trust level and fail otherwise (rc!=0)
Alternatively, how can I check that a signature was done with a specific
key?
Many thanks
Bern
More information about the Gnupg-users
mailing list