Re: gpg --verify in batch mode / how to require a trust level?
On Tue, 18 Jan 2022 15:59, Bernd Graf said: > How can I require `gpg --verify` to only accept keys from my keyring > with a certain trust level and fail otherwise (rc!=0) Use gpgv instead of gpg. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gpg --verify in batch mode / how to require a trust level?
On Dienstag, 18. Januar 2022 15:59:11 CET Bernd Graf via Gnupg-users wrote: > How can I require `gpg --verify` to only accept keys from my keyring > with a certain trust level and fail otherwise (rc!=0) > > Alternatively, how can I check that a signature was done with a specific > key? Use gpgv instead of gpg. It's much more lightweight and specifically meant for signature verification. In particular, you can pass it a keyring that only contains the keys you want: $ gpgv --keyring FILE backup.tar.sig backup.tar For details $ man gpgv Regards, Ingo signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
gpg --verify in batch mode / how to require a trust level?
Hi, for a backup integrity protection, I want to add a signature check to the restore script to reject the backup files that are not properly signed. So far, so good. #$ gpg --verify backup.tar.sig #$ if [ $? -ne 0 ]; then echo "backup is not properly signed!"; exit 1; fi #$ tar xzvf backup.tar Now, I find that `gpg --verify` produces a return code rc=0 when there is a public key in my keyring that I once added, even though I never declared that I trust this key. How can I require `gpg --verify` to only accept keys from my keyring with a certain trust level and fail otherwise (rc!=0) Alternatively, how can I check that a signature was done with a specific key? Many thanks Bern ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
gpg --verify in batch mode / how to require a trust level?
Hi, for a backup integrity protection, I want to add a signature check to the restore script to reject the backup files that are not properly signed. So far, so good. #$ gpg --verify backup.tar.sig #$ if [ $? -ne 0 ]; then echo "backup is not properly signed!"; exit 1; fi #$ tar xzvf backup.tar Now, I find that `gpg --verify` produces a return code rc=0 when there is a public key in my keyring that I once added, even though I never declared that I trust this key. How can I require `gpg --verify` to only accept keys from my keyring with a certain trust level and fail otherwise (rc!=0) Alternatively, how can I check that a signature was done with a specific key? Many thanks Bernd ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users