On 10/04/2011 12:38 PM, Steven Rostedt wrote:
>
> Hmm, gpgv is not quite equivalent to gpg --verify. With gpgv I get the
> following error:
>
> $ gpgv /tmp/gpgvmail-s.x /tmp/gpgvmail-d.x
> gpgv: keyblock resource `/home/rostedt/.gnupg/trustedkeys.gpg': file open
> error
> gpgv: Signature made Tue 04 Oct 2011 02:35:50 PM EDT using RSA key ID C66DAA00
> gpgv: Can't check signature: public key not found
>
>
> I don't have a "trustedkeys.gpg" file. Do I need to generate one?
>
> Using gpg --verify, it doesn't complain:
>
> $ gpg --verify /tmp/gpgvmail-s.x /tmp/gpgvmail-d.x
> gpg: Signature made Tue 04 Oct 2011 02:35:50 PM EDT using RSA key ID C66DAA00
> gpg: Good signature from "Steven Rostedt (Der Hacker) <[email protected]>"
>
gpgv looks at trustedkeys.gpg by default; it's just a different public
keyring. The *big* difference between gpgv and gpg is that the former
doesn't consult the trustdb *at all*.
-hpa
_______________________________________________
Quilt-dev mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/quilt-dev
