HCoder.org
GPG confusion
Sep 22, 2008
Today I was playing with GnuPG, trying to add a couple of public keys to an “external” keyring (some random file, not my own keyring). Why? you ask. Well, I was preparing some Debian package containing GPG keys for APT repository signing (like debian-archive-keyring and such).
The point is, I was really confused for quite a bit because, after reading the gpg manpage, I was trying things like:
gpg --no-default-keyring --keyring keys.gpg --import … # Wrong!
But that wouldn’t add anything to the keys.gpg, which I swear I had in the current directory. After a lot of wondering, I realised that gpg interprets paths for keyrings as relative to… ~/.gnupg, not the current directory. I guess it’s because of security reasons, but I find it really confusing.
The lesson learned: always use --keyring ./keys.gpg or, better, never use keys.gpg as filename for external keyrings, but something more explicit and “non-standard” like my-archive-keyring.gpg or whatever.
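
As an added example (not part of the original post), here is a small shell helper for a packaging script that predicts which file gpg will use for a given --keyring argument, following the rule in the gpg man page: a name without a slash goes to the GnuPG home directory, and a leading ~/ is replaced by $HOME. The function names are hypothetical, and the optional second argument stands in for a --homedir value.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Rule being modelled (gpg man page, --keyring FILE):
#   FILE starts with "~/"  -> "~" is replaced by $HOME
#   FILE has no slash      -> FILE lives in the GnuPG home directory
#   anything else          -> path is used as given (relative to the cwd)

# GnuPG home: explicit --homedir value ($1) if given, else $GNUPGHOME,
# else ~/.gnupg.
gnupg_home() {
    printf '%s\n' "${1:-${GNUPGHOME:-$HOME/.gnupg}}"
}

# resolve_keyring ARG [HOMEDIR]: print the file gpg would read or write.
resolve_keyring() {
    arg=$1
    case $arg in
        "~/"*) printf '%s\n' "$HOME/${arg#"~/"}" ;;
        */*)   printf '%s\n' "$arg" ;;
        *)     printf '%s\n' "$(gnupg_home "${2:-}")/$arg" ;;
    esac
}

# Guard for build scripts: fail when the keyring name has no slash,
# because gpg would then use a file in the GnuPG home directory
# instead of the one in the build tree.
require_explicit_keyring() {
    case $1 in
        */*) return 0 ;;
        *)   echo "keyring '$1' has no slash; gpg would use" \
                  "$(resolve_keyring "$1")" >&2
             return 1 ;;
    esac
}

# Demo on constructed sample arguments.
for k in keys.gpg ./keys.gpg '~/rings/my-archive-keyring.gpg'; do
    printf '%-32s -> %s\n' "$k" "$(resolve_keyring "$k")"
done
```

Calling require_explicit_keyring before the gpg --import step makes a build stop instead of quietly writing to a keyring under ~/.gnupg.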