Add "gpg --keygrip keyid" that prints all keygrips
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	lmamane
	Jan 31 2014, 11:31 PM

Description

If you want to use gpg-preset-passphrase to store a
passphrase for a OpenPGP key, you need to know the
keygrip of the key. For the primary key this is fairly
easy to get. Either use

  gpg --fingerprint cederp@opera.com

and remove all whitespaces in the fingerprint, or
use something like

  gpg --with-colon --fingerprint cederp@opera.com

and extract the 10th field of the fpr line.

But for subkeys used for encryption (see T1611
for background) this is harder. In fact, I have not
found any way short of running gpg-agent with debug
enabled and look at what gpg sends to gpg-agent.

There should be a way to get the full 20-byte keygrip
of both the main key and all subkeys in a form that is
easy to use with gpg-preset-passphrase. Either the
--with-colon output could be extended, or a new option
such as --keygrip that prints the info in the clear
could be added.

Details

Version: 2.0

Event Timeline

lmamane added projects: Feature Request, gnupg.Jan 31 2014, 11:31 PM

lmamane set Version to 2.0.

lmamane added a subscriber: lmamane.

For 2.1 use --with-keygrip.
2.0 does not use the agent for secret key operations but merely as a passphrtase
cache.

• werner closed this task as Resolved.Sep 17 2014, 7:04 PM

• werner claimed this task.

Add "gpg --keygrip keyid" that prints all keygripsClosed, ResolvedPublicActions

Description

Details

Event Timeline

Add "gpg --keygrip keyid" that prints all keygrips
Closed, ResolvedPublic
Actions