Mailing List Archive

more files in private-keys-v1.d than shown with 'gpg --with-keygrip -K'
Hi,
is there a possibility to list what each of the private keys in
~/.gnupg/private-keys-v1.d is? Some of them I recognize in the listing
of 'gpg --with-keygrip -K', but there are six files in the folder while
only three keygrips are shown by the command (one of which is the master
key and not present in the folder). I guess these are expired subkeys
which I somehow deleted from my keyring, but why would the private keys
still be present?

Regards,
Viktor
Re: more files in private-keys-v1.d than shown with 'gpg --with-keygrip -K'
On Mon, 21 Mar 2016 21:05, viktordick86@gmail.com said:

> key and not present in the folder). I guess these are expired subkeys
> which I somehow deleted from my keyring, but why would the private keys

Or keys used by SSH or X.509.

Use gpg-connect-agent and then:

> help keyinfo
# KEYINFO [--[ssh-]list] [--data] [--ssh-fpr] [--with-ssh] <keygrip>
#
# Return information about the key specified by the KEYGRIP. If the
# key is not available GPG_ERR_NOT_FOUND is returned. If the option
# --list is given the keygrip is ignored and information about all
# available keys are returned. If --ssh-list is given information
# about all keys listed in the sshcontrol are returned. With --with-ssh
# information from sshcontrol is always added to the info. Unless --data
# is given, the information is returned as a status line using the format:
#
# KEYINFO <keygrip> <type> <serialno> <idstr> <cached> <protection> <fpr>
#
# KEYGRIP is the keygrip.
#
# TYPE is describes the type of the key:
# 'D' - Regular key stored on disk,
# 'T' - Key is stored on a smartcard (token),
# 'X' - Unknown type,
# '-' - Key is missing.
#
# SERIALNO is an ASCII string with the serial number of the
# smartcard. If the serial number is not known a single
# dash '-' is used instead.
#
# IDSTR is the IDSTR used to distinguish keys on a smartcard. If it
# is not known a dash is used instead.
#
# CACHED is 1 if the passphrase for the key was found in the key cache.
# If not, a '-' is used instead.
#
# PROTECTION describes the key protection type:
# 'P' - The key is protected with a passphrase,
# 'C' - The key is not protected,
# '-' - Unknown protection.
#
# FPR returns the formatted ssh-style fingerprint of the key. It is only
# printed if the option --ssh-fpr has been used. It defaults to '-'.
#
# TTL is the TTL in seconds for that key or '-' if n/a.
#
# FLAGS is a word consisting of one-letter flags:
# 'D' - The key has been disabled,
# 'S' - The key is listed in sshcontrol (requires --with-ssh),
# 'c' - Use of the key needs to be confirmed,
# '-' - No flags given.
#
# More information may be added in the future.
OK

This returns what gpg-agent knows about the private keys.


Shalom-Salam,

Werner


--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
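
The KEYINFO status-line format quoted in the reply above can be parsed and compared with the keygrips that gpg itself lists. This is an added example, not code from the thread or from GnuPG. It assumes the agent output was captured with 'keyinfo --list' in gpg-connect-agent and the gpg listing with 'gpg --with-colons --with-keygrip -K'; all function names and sample values are constructed for illustration.

```python
from typing import NamedTuple

TYPES = {"D": "on disk", "T": "smartcard", "X": "unknown", "-": "missing"}
PROTECTION = {"P": "passphrase", "C": "unprotected", "-": "unknown"}

class KeyInfo(NamedTuple):
    keygrip: str
    type: str
    serialno: str
    idstr: str
    cached: bool
    protection: str
    fpr: str
    ttl: str
    flags: str

def parse_keyinfo(agent_output: str) -> list:
    """Parse the 'S KEYINFO ...' status lines printed for 'keyinfo --list'."""
    keys = []
    for line in agent_output.splitlines():
        parts = line.split()
        if parts[:2] != ["S", "KEYINFO"] or len(parts) < 8:
            continue  # skips 'OK', '#' help text and blank lines
        f = parts[2:] + ["-"] * (11 - len(parts))  # pad absent FPR/TTL/FLAGS
        keys.append(KeyInfo(f[0].upper(), TYPES.get(f[1], "unknown"), f[2], f[3],
                            f[4] == "1", PROTECTION.get(f[5], "unknown"), *f[6:9]))
    return keys

def listed_keygrips(colon_listing: str) -> set:
    """Keygrips from the 'grp' records (field 10) of a --with-colons listing."""
    return {rec.split(":")[9].upper()
            for rec in colon_listing.splitlines() if rec.startswith("grp:")}

def unlisted_keys(agent_output: str, colon_listing: str) -> list:
    """Keys the agent holds that the gpg secret-key listing does not show."""
    shown = listed_keygrips(colon_listing)
    return [k for k in parse_keyinfo(agent_output) if k.keygrip not in shown]

# Constructed sample data, not output from a real keyring.
G1, G2, G3 = "1" * 40, "2" * 40, "3" * 40
AGENT_SAMPLE = f"""S KEYINFO {G1} D - - - P - - -
S KEYINFO {G2} D - - 1 P - - -
S KEYINFO {G3} D - - - C - - -
OK
"""
GPG_SAMPLE = f"grp:::::::::{G1}:\ngrp:::::::::{G2}:\n"

if __name__ == "__main__":
    for key in unlisted_keys(AGENT_SAMPLE, GPG_SAMPLE):
        print(key.keygrip, key.type, key.protection)
```

A keygrip reported as unlisted is not necessarily stale: as the thread notes, it may belong to an SSH or X.509 key, or to an expired subkey that only appears with '--list-options show-unusable-subkeys'.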
Re: more files in private-keys-v1.d than shown with 'gpg --with-keygrip -K'
Thanks, I found it myself but since the sender of a mail to the list
does not get a copy of it, I could not simply reply. If I use
'--list-options show-unusable-subkeys', I see the missing keys; they are
simply expired. Sorry to disrupt.

Regards,
Viktor
Re: more files in private-keys-v1.d than shown with 'gpg --with-keygrip -K'
On Tue, 22 Mar 2016 10:12:36 +0100
Viktor Dick <viktordick86@gmail.com> wrote:

Hello Viktor,

>Thanks, I found it myself but since the sender of a mail to the list
>does not get a copy of it,

It's a Gmail-ism; most people get their list messages sent back to
them, but not Gmail users. It's a 'feature' Google seem to be proud of.

--
Regards _
/ ) "The blindingly obvious is
/ _)rad never immediately apparent"
It's cool to know nothin'
Never Miss A Beat - Kaiser Chiefs