On Sunday 04 September 2005 9:20 pm, Cameron Metzke wrote:
> Hi,

Message was signed on 01/01/1970 12:59 am with unknown key 0x68312280.
The validity of the signature cannot be verified.
gpgkeys: key 8892825868312280 not found on keyserver

If you are going to sign emails, PLEASE make sure your key is on 
subkeys.pgp.net!

Ta.

> Is there any command that will delete expired keys from a keyring ?

From previous discussions here:

gpg --batch --yes --delete-key `gpg --list-keys --fixed-list-mode \
--with-colons | grep "^pub" | grep -v "^pub:[u|f]:" | cut -f5 -d":"`

That deletes anything that is NOT u (ultimate trust) of f (full trust). Adapt 
the regexp ^pub:[u|f] to suit.

If, like me, you run this regularly as a cron job to filter out the useless 
keys that clutter up many keyrings, use:

#!/bin/bash
gpg --check-trustdb
gpg --batch --yes --delete-key `gpg --list-keys --fixed-list-mode \
--with-colons | grep "^pub" | grep -v "^pub:[u|f]:" | cut -f5 -d":"`
gpg --import /home/neil/documents/gpg/people/*.asc
gpg --refresh-keys
gpg --check-trustdb

The import line brings back keys that I want but which I have not yet had a 
chance to sign.

The refresh-keys command updates every key still in the keyring - you could 
run that FIRST but it takes longer. It depends how likely it is that some of 
the "junk" keys will turn out to be trusted once refreshed.

Of course, one man's junk is another man's gold. YMMV.

-- 

Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/

Attachment: pgpONq8LuXcSD.pgp
Description: PGP signature

_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to