-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Neil Williams wrote: > On Sunday 04 September 2005 9:20 pm, Cameron Metzke wrote: > >>Hi, > > > Message was signed on 01/01/1970 12:59 am with unknown key 0x68312280. > The validity of the signature cannot be verified. > gpgkeys: key 8892825868312280 not found on keyserver > > If you are going to sign emails, PLEASE make sure your key is on > subkeys.pgp.net! > > Ta. > > >>Is there any command that will delete expired keys from a keyring ? > > > From previous discussions here: > > gpg --batch --yes --delete-key `gpg --list-keys --fixed-list-mode \ > --with-colons | grep "^pub" | grep -v "^pub:[u|f]:" | cut -f5 -d":"` > > That deletes anything that is NOT u (ultimate trust) of f (full trust). Adapt > the regexp ^pub:[u|f] to suit. > > If, like me, you run this regularly as a cron job to filter out the useless > keys that clutter up many keyrings, use: > > #!/bin/bash > gpg --check-trustdb > gpg --batch --yes --delete-key `gpg --list-keys --fixed-list-mode \ > --with-colons | grep "^pub" | grep -v "^pub:[u|f]:" | cut -f5 -d":"` > gpg --import /home/neil/documents/gpg/people/*.asc > gpg --refresh-keys > gpg --check-trustdb > > The import line brings back keys that I want but which I have not yet had a > chance to sign. > > The refresh-keys command updates every key still in the keyring - you could > run that FIRST but it takes longer. It depends how likely it is that some of > the "junk" keys will turn out to be trusted once refreshed. > > Of course, one man's junk is another man's gold. YMMV. > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Gnupg-users mailing list > [email protected] > http://lists.gnupg.org/mailman/listinfo/gnupg-users
Well thats a great bash script which i will incorperate into my *nix box :). Basically what im trying to do is build a php frontend to gnupg which can act like a keyserver. The keys are imported using --fast-import which i belive doesnt touch the trustdb, so all im really trying to do is basically delete all expired keys in the pubring (and possibly keys that have been revoked). I intend on using a bash script to run the delete script via cron. Unfortunatly my skills have alot to be desired lol, so best i get to work on it :) If anyones has any tips I would love to hear them :) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) iD8DBQFDG3WwiJKCWGgxIoARAjMUAKCUBiFhvg2Hh7acpNcAZ27T8hBD3ACgmYiv /kmOIg8M5OegatAvVuJ0nfM= =z+qZ -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
