On 24 Oct 2023, at 04:38, Felix E. Klee <[email protected]> wrote:
>
> For the purpose of re-encryption with a new key, I’d like to find all
> files that are encrypted with my key BEF6EFD38FE8DCA0. All encrypted
> files, independent of key, have the extension `.gpg`.
>
> How do I do that for a massive directory tree?
Hi, Felix.
GNU `file` will print the encryption key ID:
```
andrewg@fum:~$ file hidden_service/private_key.gpg
hidden_service/private_key.gpg: PGP RSA encrypted session key - keyid: 6B090693 14549D4B RSA (Encrypt or Sign) 4096b .
```
That keyid is the encryption subkey, so you can grep file’s batch output for
its short ID, e.g.:
```
file *.gpg | grep "$SHORT_ENC_SUBKEY_ID"
```
Note that due to file’s use of whitespace, you can’t grep for the long ID
unless you mangle it accordingly.
If you don’t have GNU file, you can try `gpg --list-packets` instead, but this
will be slower as gpg will parse the entire file. Also, it only parses one file
at a time, and the encryption key ID is output on STDERR. You can invoke it in
a bash loop like this:
```
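# NUL-delimited names keep paths with spaces or newlines intact
find . -name '*.gpg' -print0 | while IFS= read -r -d '' file; do
    printf '%s: ' "$file"
    # keep gpg's stderr on the pipe, discard the packet dump on stdout
    gpg --list-packets "$file" 2>&1 >/dev/null
done | grep "$SHORT_ENC_SUBKEY_ID"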
```
A
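
The message notes that the long key ID cannot be grepped for in `file` output unless it is mangled to match file's spacing. The following is an added example, not part of the original message, showing one way to do that mangling; the function names, the sample paths and every key ID except the one from the output above are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original message): match a long key ID against
# `file` output, which shows it as two 8-digit halves separated by a space.

# Build an ERE for a 16-hex-digit key ID (optional 0x prefix, any case).
# Assumption: the page does not say whether `file` zero-pads each half,
# so the pattern accepts both padded and unpadded forms.
keyid_regex() {
    local id hi lo
    id=${1#0x}; id=${id#0X}
    id=$(printf '%s' "$id" | tr 'a-f' 'A-F')
    case $id in ''|*[!0-9A-F]*) return 1 ;; esac
    [ "${#id}" -eq 16 ] || return 1
    hi=$(printf '%s' "${id%????????}" | sed 's/^0*//')   # first 8 digits
    lo=$(printf '%s' "${id#????????}" | sed 's/^0*//')   # last 8 digits
    printf 'keyid: 0*%s 0*%s( |$)\n' "$hi" "$lo"
}

# Read `file` output on stdin; print names of files whose description
# carries the given long key ID.
files_for_keyid() {
    local re
    re=$(keyid_regex "$1") || { echo "bad key ID: $1" >&2; return 2; }
    grep -E "$re" | sed -E 's/:[[:space:]]+PGP .*$//'
}

# Walk a tree the way the message suggests, batching files per `file` call.
# Usage: scan_tree LONG_KEYID [DIR]
scan_tree() {
    find "${2:-.}" -name '*.gpg' -exec file {} + | files_for_keyid "$1"
}

# Constructed sample of `file` output (the first key ID is the one shown
# above; the other IDs and all paths are made up for illustration).
sample_file_output() {
    cat <<'EOF'
./a/notes.gpg:    PGP RSA encrypted session key - keyid: 6B090693 14549D4B RSA (Encrypt or Sign) 4096b .
./b/old.gpg:      PGP RSA encrypted session key - keyid: 0A1B2C3D 00EE11FF RSA (Encrypt or Sign) 2048b .
./b/unpadded.gpg: PGP RSA encrypted session key - keyid: A1B2C3D EE11FF RSA (Encrypt or Sign) 2048b .
./c/plain.gpg:    data
EOF
}

sample_file_output | files_for_keyid 6B09069314549D4B   # prints ./a/notes.gpg
```

Pass the encryption subkey's long ID, not the primary key's, since that is the ID `file` reports.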
_______________________________________________
Gnupg-users mailing list
[email protected]
https://lists.gnupg.org/mailman/listinfo/gnupg-users
