Hi, for a backup integrity protection, I want to add a signature check to the restore script to reject the backup files that are not properly signed. So far, so good.
#$ gpg --verify backup.tar.sig #$ if [ $? -ne 0 ]; then echo "backup is not properly signed!"; exit 1; fi #$ tar xzvf backup.tar Now, I find that `gpg --verify` produces a return code rc=0 when there is a public key in my keyring that I once added, even though I never declared that I trust this key. How can I require `gpg --verify` to only accept keys from my keyring with a certain trust level and fail otherwise (rc!=0) Alternatively, how can I check that a signature was done with a specific key? Many thanks Bern _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users