On Sat, 14 Oct 2023 12:06, Martin Jambor said:
> Is there a way to specify a preferred decryption key (that is different
> from the default signing key)?
Although we meanwhile have a way to set preferences for ssh keys [1] we
don't have this for decryption keys. :-(
> Incidentally, does anybody know how to convince emacs EasyPG to pass
> --no-throw-keyids to GPG? :-)
Elisp is easy to modify ;-). One other idea: Replace the throw-keyid in
gpg.conf by
--8<---cut here---start->8---
[getenv no_throw_keyid NO_THROW_KEYID]
[if $no_throw_keyid -z ]
throw-keyid
[fi]
--8<---cut here---end--->8---
and then have Emacs to set the NO_THROW_KEYID envvar to 1 or so.
Shalom-Salam,
Werner
[1] In the respective .key file you may put this name/value:
*** Use-for-ssh
If given and the value is "yes" or "1" the key is allowed for use by
gpg-agent's ssh-agent implementation. This is thus the same as
putting the keygrip into the 'sshcontrol' file. Only one such item
should exist. If another non-zero value between 1 and 9 is used,
this is taken to establish the order in which the keys are returned to
ssh; lower numbers are returned first. If a negative value is used
this overrides currently active (inserted) cards and thus allows to
prefer on-disk keys over inserted cards. A value of -1 has the
highest priority; values are capped at -999 and have a lower priority
but still above the positive values, inserted cards or the order in
sshcontrol.
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
openpgp-digital-signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users