Nils --

FYI, the proper posting address for mutt-users is *NOT* at gbnet, even
though the list is hosted there and the address leaks through sometimes.

...and then Nils Vogels said...
% Hi there!
% 
% I have been trying to make gpg dump its keys it fetches while being in mutt in
...

...and then Nils Vogels said...
% OK, attempt nr 2.. my previous one didn't get answered at all .. does anyone
% have an idea how to get started on mutt + gpg + separate keyfiles ?

I thought you were having a problem with %r, like I and a few others are,
rather than just trying to figure out separate keyfiles.  Maybe you are
and don't realize it :-)  Anyway, a couple of us have now asked what's up
with %r, and I think that Tomasz (Caster) put it best in his description
of what the get_keys command seemed to be doing and the %r it seemed to
be getting.

Anyway, all of that aside, I messed around a lot with the same sort of
thing because I have quite a few keys (not so ridiculously many, sure,
but too many to see all in one screen).  After poking around here and
there and asking the GPG users' list, here's how I have multiple keyrings
specified:

$HOME/.gnupg/options:
  ...
  #
  # keyrings to use (in search order)
  #
  keyring pubring.gpg
  secret-keyring secring.gpg
  keyring pubring.davidtg-old-keys.gpg 
  secret-keyring secring.davidtg-old-keys.gpg 
  ...
  keyring pubring.mutt.gpg
  secret-keyring secring.mutt.gpg
  keyring pubring.catch-all-keys.gpg
  secret-keyring secring.catch-all-keys.gpg

$HOME/.mutt/gpg.rc:
  ...
  # import a key into the public key ring
  set pgp_import_command="gpg --no-verbose --import --keyring pubring.catch-all-keys.gpg -v %f"
  ...
  # receive key from keyserver:
  set pgp_getkeys_command="gpg --recv-keys --keyring pubring.catch-all-keys.gpg %r"

This drops all new keys in my catch-all ring (and I haven't tested to
see whether it's listing the catch-all ring last in the options file or
specifically listing it on the import and receive commands that really
makes it work), which I check every once in a while with an ordinary
--list-keys command (lots of keys scroll by, and the newest are at the
bottom when it finishes).  It's funny how many keys I find about which
I was unaware (and can't, for the life of me, track down; these people
apparently don't use any of the addresses they specify in the keys for
actually sending mail!); I might try changing the commands based on
folder-hooks so that the keys I get when reading =F.mutt drop straight
into the mutt keyring.

The attached script, which is very drafty and was basically pasted
directly from the command line history, lets me move keys from the
catch-all ring to another ring (like the mutt ring) fairly easily; it
does a little magic so that you can mouse the entire keyid string (gpg
outputs like

  pub  1024D/B66D9EEA 2000-07-13 David T-G <[EMAIL PROTECTED]>
  sub  4096g/EDE8B284 2000-07-13

and so my mouse grabs 1024D/B66D9EEA under one terminal program and just
B66D9EEA under another) and feed it in.  I know that it's brutally messy;
if anyone wants to fix it up for me, that would be lovely :-)  Heck, for
all I know there is a Crypt::GPG module for perl that will let me move
the keys directly ;-)


HTH & HAND

:-D
-- 
David T-G                       * It's easier to fight for one's principles
(play) [EMAIL PROTECTED]      * than to live up to them. -- fortune cookie
(work) [EMAIL PROTECTED]
http://www.bigfoot.com/~davidtg/        Shpx gur Pbzzhavpngvbaf Qrprapl Npg!
The "new millennium" starts at the beginning of 2001.  There was no year 0.
Note: If bigfoot.com gives you fits, try sector13.org in its place. *sigh*

#!/bin/sh

# quick hack to move keys from catch-all ring to specified ring

# Usage: $0 KEYID ringname [-s]

# skip the options file and the usual startup noise
NOOPTS="--options /dev/null --no-greeting --no-secmem-warning"

[ $# -lt 2 ] && { echo "Barf!  Insufficient args!" ; exit 1 ; }

# strip a leading "1024D/"-style prefix and any "0x" from the key ID
KEY=$1 ; KEY=`echo "$KEY" | sed -e "s@.*/@@" -e "s/0x//"` ### check for RSA?
RING=$2

echo "KEY = $KEY" ; echo "RING = $RING" ###

# look for key; puke if not found
gpg --list-keys "$KEY" 2>/dev/null || { echo "Barf!  Key not found!" ; exit 1 ; }


# move seckey first
[ "$3" = "-s" ] && \
  gpg --export-secret-key "$KEY" | gpg $NOOPTS --secret-keyring "secring.$RING.gpg" --import

# move pubkey next
gpg --export "$KEY" | gpg $NOOPTS --keyring "pubring.$RING.gpg" --import


# wipe seckey first (stop before deleting if it did not reach the new ring)
[ "$3" = "-s" ] && \
  { gpg $NOOPTS --secret-keyring "secring.$RING.gpg" --list-secret-key "$KEY" 2>/dev/null || \
  { echo "Barf!  Key not found on $RING secring!" ; exit 1 ; }
gpg $NOOPTS --secret-keyring "secring.$RING.gpg" --secret-keyring secring.catch-all-keys.gpg --list-secret-keys
gpg $NOOPTS --secret-keyring secring.catch-all-keys.gpg --delete-secret-key "$KEY" ; }

# wipe pubkey next (stop before deleting if it did not reach the new ring)
gpg $NOOPTS --keyring "pubring.$RING.gpg" --list-key "$KEY" 2>/dev/null || \
  { echo "Barf!  Key not found on $RING pubring!" ; exit 1 ; }
gpg $NOOPTS --keyring "pubring.$RING.gpg" --keyring pubring.catch-all-keys.gpg --list-keys
gpg $NOOPTS --keyring pubring.catch-all-keys.gpg --delete-key "$KEY"


### gpg --armor --export 18F78541 | gpg --options /dev/null --no-greeting --no-secmem-warning --keyring pubring.mutt.gpg --armor --import
### gpg --options /dev/null --no-greeting --no-secmem-warning --keyring pubring.mutt.gpg --keyring pubring.catch-all-keys.gpg --list-keys
### gpg --options /dev/null --no-greeting --no-secmem-warning --keyring pubring.catch-all-keys.gpg --delete-key 18F78541
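
An added example, not part of the original message or its attached script: the key ID clean-up described above, written as a strict validator, plus a public-key move that deletes from the catch-all ring only after the key is confirmed on the target ring. The function names, `GPG_BASE` and the use of `--no-default-keyring` are assumptions made for this example; the ring file names follow the message's `pubring.NAME.gpg` convention.

```shell
#!/bin/sh
# Added example: validate inputs, then move a public key between keyrings.
# Ring file names follow the message's pubring.NAME.gpg convention; the
# function names and GPG_BASE are assumptions made for this example.

GPG_BASE="--options /dev/null --no-default-keyring --no-greeting"
SRC_RING=pubring.catch-all-keys.gpg

# Print a bare upper-case hex key ID, or fail.  Accepts "1024D/B66D9EEA",
# "0xB66D9EEA" or "B66D9EEA"; anything that is not 8, 16, 32 or 40 hex digits
# (including text starting with "-") is rejected before gpg sees it.
normalize_keyid() {
    id=${1##*/}
    id=${id#0x}
    id=${id#0X}
    case $id in
        ''|*[!0-9A-Fa-f]*) return 1 ;;
    esac
    case ${#id} in
        8|16|32|40) ;;
        *) return 1 ;;
    esac
    printf '%s\n' "$id" | tr 'a-f' 'A-F'
}

# Ring names become part of a file name, so allow only [A-Za-z0-9._-]
# and refuse a leading "-" (no path separators, no option look-alikes).
valid_ringname() {
    case $1 in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
}

# move_pubkey KEYID RINGNAME: returns 2 on bad input, 1 if gpg fails.
# The source copy is deleted only after the key is seen on the target ring.
move_pubkey() {
    key=$(normalize_keyid "$1") || { echo "bad key ID: $1" >&2; return 2; }
    valid_ringname "$2" || { echo "bad ring name: $2" >&2; return 2; }
    dst=pubring.$2.gpg
    gpg $GPG_BASE --keyring "$SRC_RING" --list-keys "$key" >/dev/null 2>&1 ||
        { echo "key $key not on $SRC_RING" >&2; return 1; }
    gpg $GPG_BASE --keyring "$SRC_RING" --export "$key" |
        gpg $GPG_BASE --keyring "$dst" --import || return 1
    gpg $GPG_BASE --keyring "$dst" --list-keys "$key" >/dev/null 2>&1 ||
        { echo "key $key did not reach $dst; source untouched" >&2; return 1; }
    gpg $GPG_BASE --keyring "$SRC_RING" --delete-key "$key"
}
```

Call it as `move_pubkey 1024D/B66D9EEA mutt`; it covers public keys only, since secret-key storage differs between GnuPG versions.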
