Re: gpg: export just my keys, not whole keyring?
On onsdag 12 oktober 2005, 13:36, Matt Price wrote:
> interesting, the depths of my ignorance continue to berevealed to
> me... I'm not sure what a keyid is!
Ah, OK!
Hmmm, I'm going searching...
It seems you have an (old) key
http://pgp.mit.edu:11371/pks/lookup?search=matt.price%40utoronto.ca&op=index
and for that key, the KeyID is 80161724.
It is just something that (with reasonable probability, possibly)
uniquely identifies that key. Since there are subkeys and stuff (these
things are beyond me), that have their own ids, this can get fairly
complex. Also, you'll see longer keyids now, but to make a long story
short, it is a hex number consisting of the last 8 numbers of you
fingerprint. So, if you find your fingerprint, you've got it.
DEADBEEF is the metasyntatical variable (i.e. example) keyID, since it
is all hex and a funny word of the correct length.
> But I did try this:
> gpg --export "Matt Price <matt.price@utoronto.ca>" > ring.gpg -- and
> I ended up with something much smaller. So maybe that's good enough.
Cool! :-)
> But one thing is, I'm still not sure that the key I export is the one
> I'm actually using to sign my debian packages & files. I know I've
> made a number of keys inthe past (part of my wanderings in the dark)
Right! :-)
> and now I don't know which one is automatically used when I invoke
> gpg. jeez, how do I figure that out?
Errrr, /me looks around the room for backup... :-)
Try
gpg --list-keys "Matt Price <matt.price@utoronto.ca>"
They will have dates and stuff. And you'll see the associated keyid.
Also, you can have a look at mine
gpg --recv-keys 6a6a0bbc
should import it, and
gpg --list-keys 6a6a0bbc
should give you an idea of how it looks, 6a6a0bbc being the keyid.
>
>
> oh, and finally -- if I figure out which key I want to export, do I
> add it to the ubuntu-keyring just with
> cat mykey.gpg >> ubuntu-archive-keyring ?
> or will that screw with the binary file format somehow?
I don't know, but I would be careful...
I think I would do something like (untested)
gpg --no-default-keyring --keyring ubuntu-archive-keyring --import
mykey.gpg
But then, I'm not quite sure you would want to import it in the ubuntu
keyring... Perhaps you'd rather import the ubuntu-keyring into your
pubring.gpg, if that's your default. I must admit that I'm a little
rusty here, though.
Also, I found, way back, that importing the whole debian keyring into my
pubring was a bad idea, this was back in the day when GPG would totally
lock KMails interface, and with the large Debian keyring, it would do
it for half an hour or something. It won't be that bad now, but I also
learnt that unmerging the most interesting keys was a non-trivial task,
so nowadays, when I come across a key, I do
gpg --no-default-keyring --keyring seen.pgp --recv-key DEADBEEF
gpg --recv-key DEADBEEF
to import it into both seen.gpg and the default keyring.
> sorry for the ignorance.
No problem. We've all been there. Still is, quite often, in fact! :-)
Cheers,
Kjetil
--
Kjetil Kjernsmo
Programmer / Astrophysicist / Ski-orienteer / Orienteer / Mountaineer
kjetil@kjernsmo.net
Homepage: http://www.kjetil.kjernsmo.net/ OpenPGP KeyID: 6A6A0BBC
Reply to: