Re: Removing invalid keys from keyring
On Sat, Mar 29, 2003 at 03:26:33PM +0100, Kjetil Kjernsmo wrote:
> On Thursday 27 March 2003 08:53, Lars Ellenberg wrote:
> > On Wed, Mar 26, 2003 at 05:28:35PM +0100, Kjetil Kjernsmo wrote:
> > > Is there a way to remove revoked/expired and otherwise invalid or
> > > useless keys from a GPG keyring, in batch?
> >
> > well, I do not know how to automatically list only "invalid" keys.
>
> OK.
>
> > #
> > # edit that file, _delete_ every line corresponding to a _valid_ key
> > #
>
> Eh, well, that's really the issue. For with 4500 keys in that file,
> that is going to take a long time... :-) So, that is the part that
> needs automagicallization...
now, I read doc/DETAILS ...
2. Field: A letter describing the calculated trust. This is a single
letter, but be prepared that additional information may follow
in some future versions. (not used for secret keys)
o = Unknown (this key is new to the system)
i = The key is invalid (e.g. due to a missing self-signature)
d = The key has been disabled
r = The key has been revoked
e = The key has expired
q = Undefined (no value assigned)
n = Don't trust this key at all
m = There is marginal trust in this key
f = The key is full trusted.
u = The key is ultimately trusted; this is only used for
keys for which the secret key is also available.
5. Field: KeyID
so try if this reduces the number of invalid keys.
don't forget the cp -a ~/.gnupg{,.bak}
gpg --list-public-keys --with-colons | grep -a '^pub:[idre]:' |
cut -d: -f5 | xargs -l gpg --batch --yes --delete-keys
hth
Lars
Reply to: