Control: tags 928894 + moreinfo Hi Toni--
On Sun 2019-05-12 19:46:45 +0100, Toni wrote: > --recv-keys does not seem to honour the keyring options, so the received > key ends up in the wrong keyring: > > $ touch ~/mnt/tools/gitea-keys.gpg > $ gpg --no-default-keyring --keyring ~/mnt/tools/gitea-keys.gpg --recv-keys > CC64B1DB67ABBEECAB24B6455FC346329753F4B0 > gpg: key 0x2D9AE806EC1592E2: 6 signatures not checked due to missing keys > gpg: key 0x2D9AE806EC1592E2: public key "Teabot <tea...@gitea.io>" imported > gpg: Total number processed: 1 > gpg: imported: 1 > $ gpg --list-options show-keyring -k tea...@gitea.io > gpg: please do a --check-trustdb > Keyring: /home/toni/.gnupg/pubring.gpg > -------------------------------------- > pub rsa4096/0x2D9AE806EC1592E2 2018-06-24 [SC] [expires: 2020-06-23] > 7C9E68152594688862D62AF62D9AE806EC1592E2 > uid [ unknown] Teabot <tea...@gitea.io> > sub rsa4096/0x1FBE01D7CBADB9A0 2018-06-24 [E] [expires: 2020-06-23] > sub rsa4096/0x5FC346329753F4B0 2018-06-24 [S] [expires: 2019-06-24] I'm not sure that this demonstrates what you're describing. Here is a run with gpg 2.2.15-1 that demonstrates the key being fetched into the extra keyring: 0 dkg@alice:/tmp/cdtemp.AhkyjS$ export GNUPGHOME=$(pwd) 0 dkg@alice:/tmp/cdtemp.AhkyjS$ touch $(pwd)/extra.gpg 0 dkg@alice:/tmp/cdtemp.AhkyjS$ gpg --no-default-keyring --keyring $(pwd)/extra.gpg --recv-keys CC64B1DB67ABBEECAB24B6455FC346329753F4B0 gpg: key 2D9AE806EC1592E2: 6 signatures not checked due to missing keys gpg: /tmp/cdtemp.AhkyjS/trustdb.gpg: trustdb created gpg: key 2D9AE806EC1592E2: public key "Teabot <tea...@gitea.io>" imported gpg: no ultimately trusted keys found gpg: Total number processed: 1 gpg: imported: 1 0 dkg@alice:/tmp/cdtemp.AhkyjS$ gpg --list-options show-keyring -k tea...@gitea.io gpg: keybox '/tmp/cdtemp.AhkyjS/pubring.kbx' created gpg: error reading key: No public key 2 dkg@alice:/tmp/cdtemp.AhkyjS$ ls -la total 24 drwx------ 4 dkg dkg 160 May 12 18:48 . drwxrwxrwt 28 root root 1420 May 12 18:47 .. drwx------ 2 dkg dkg 60 May 12 18:48 crls.d -rw-r--r-- 1 dkg dkg 6467 May 12 18:48 extra.gpg -rw-r--r-- 1 dkg dkg 6467 May 12 18:48 extra.gpg~ drwx------ 2 dkg dkg 40 May 12 18:48 private-keys-v1.d -rw------- 1 dkg dkg 32 May 12 18:48 pubring.kbx -rw------- 1 dkg dkg 1200 May 12 18:48 trustdb.gpg 0 dkg@alice:/tmp/cdtemp.AhkyjS$ perhaps the teabot key was already in your default keyring before you run the --recv-keys operation? that would certainly explain the behavior that you're seeing. --dkg
signature.asc
Description: PGP signature