Web lists-archives.com

Re: Convenient access to Debian keyrings


On Sun, Apr 02, 2017 at 07:52:00AM +0300, Teemu Likonen wrote:
> Perhaps --primary-keyring will help because it marks one keyring for use
> with key-importing commands. I haven't tried it but it would seem that
> all other keyrings are then read-only.

Thanks for this reply.  I tried

    keyring /usr/share/keyrings/debian-archive-keyring.gpg
    keyring /usr/share/keyrings/debian-keyring.gpg
    keyring /usr/share/keyrings/debian-maintainers.gpg
    keyring /usr/share/keyrings/debian-nonupload.gpg
    keyring /usr/share/keyrings/debian-role-keys.gpg
    primary-keyring ~/.gnupg/pubring.kbx

But then I get errors like this:

    gpg: keyblock resource '/home/spwhitton/.gnupg/pubring.kbx': File exists

which I don't understand.

On Sun, Apr 02, 2017 at 01:06:29AM +0200, gregor herrmann wrote:
> I'm using the keyrings from keyring.debian.org instead of the
> packaged ones. That way they are up to date and I don't have the
> write errors:

Good point that this avoids the write errors.  The problem is that
you're going to need to keep the keys of all keyring-maint members
updated out-of-band, in order to verify sha256sums.txt, but effortlessly
keeping track of DD keys was the whole point of all this.

Sean Whitton

Attachment: signature.asc
Description: PGP signature