gnupg 2.1.16: change of option --with-fingerprint

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

gnupg 2.1.16: change of option --with-fingerprint

linux_nutzer42
Hello all,

did the function of the option --with-fingerprint change in gnupg 2.1.16 and later?

When I tried to import a CentOS gpg key according to the manual from [1], I made the following observation:

"gpg --quiet --with-fingerprint <file path>" does not return the fingerprint when using gnupg 2.1.17 (on ArchLinux and openSuse Tumbleweed).
Also a self-compiled gnupg 2.1.16 does not return the fingerprint in this scenario, whereas a self compiled gnupg 2.1.15 does so.
gnupg 2.1.13 on Fedora also returns the fingerprint.
For the tests I used the key from [2] which I downloaded according to [1] with wget.

Many thanks in advance.

Regards
linux_nutzer42


links
=====
[1] https://wiki.centos.org/Download/Verify 
[2] http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7

details
=======
Arch Linux gnupg 2.1.17
-----------------------
$ gpg --quiet --with-fingerprint ./RPM-GPG-KEY-CentOS-7
pub   rsa4096 2014-06-23 [SC]
uid           CentOS-7 Key (CentOS 7 Official Signing Key) <[hidden email]>

Fedora gnupg 2.1.13
-------------------
$ gpg2 --quiet --with-fingerprint ./RPM-GPG-KEY-CentOS-7
pub   rsa4096 2014-06-23 [SC]
      6341 AB27 53D7 8A78 A7C2  7BB1 24C6 A8A7 F4A8 0EB5
uid           CentOS-7 Key (CentOS 7 Official Signing Key) <[hidden email]>

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: gnupg 2.1.16: change of option --with-fingerprint

Werner Koch
On Sat,  1 Jul 2017 16:46, [hidden email] said:

> When I tried to import a CentOS gpg key according to the manual from [1], I made the following observation:
>
> "gpg --quiet --with-fingerprint <file path>" does not return the fingerprint when using gnupg 2.1.17 (on ArchLinux and openSuse Tumbleweed).

That manual suggest the use of an unspecified behavior.  Namely that gpg
tries to do the right thing depending on the data.  For keys you will
see only some kind of debug output which funnily resembles a key
listing.  But it is not a real key listing.  Recent version of gpg thus
print

  gpg: WARNING: no command supplied.  Trying to guess what you mean ...

What you need to do instead is to import that key and then run

  gpg -k --with-fingerprint [hidden email]

or

  gpg --fingerprint [hidden email]

which shows the fingerprint.  Here -k and --fingerprint are the
commands.  If you don't want to import the key and your version of gpg
is at least 2.1.14 you can do this:

  gpg -n --import --import-options import-show FILE_WITH_KEY

This tells the import command to list the key during input (import-show)
and not to actually import (-n or --dry-run)

In case you want to script this, please make sure to also add
--with-colons so that you get the guaranteed to be stable machine
readable output.


Salam-Shalom,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gnupg-users mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

attachment0 (233 bytes) Download Attachment
Loading...