security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-02 12:01:32 +01:00
Code Activity

doc: Clarify some gpg keyring options

Browse Source 
--
GnuPG-bug-id: 5594
This commit is contained in:
Werner Koch 2021-09-09 17:45:33 +02:00
parent dbfb7f809b
commit 7f8ccb67e3
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 28 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
doc/gpg.texi
View File

@ -445,7 +445,7 @@ request a confirmation.
@item --export @item --export
@opindex export @opindex export
Either export all keys from all keyrings (default keyrings and those Either export all keys from all keyrings (default keyring and those
registered via option @option{--keyring}), or if at least one name is given, registered via option @option{--keyring}), or if at least one name is given,
those of the given name. The exported keys are written to STDOUT or to the those of the given name. The exported keys are written to STDOUT or to the
file given with option @option{--output}. Use together with file given with option @option{--output}. Use together with
@ -1105,12 +1105,12 @@ signing.
@item save @item save
@opindex keyedit:save @opindex keyedit:save
Save all changes to the keyrings and quit. Save all changes to the keyring and quit.
@item quit @item quit
@opindex keyedit:quit @opindex keyedit:quit
Quit the program without updating the Quit the program without updating the
keyrings. keyring.
@end table @end table
@c man:.RS @c man:.RS
@ -1523,7 +1523,7 @@ photo viewers use the @code{PATH} environment variable.
Add @var{file} to the current list of keyrings. If @var{file} begins Add @var{file} to the current list of keyrings. If @var{file} begins
with a tilde and a slash, these are replaced by the $HOME directory. If with a tilde and a slash, these are replaced by the $HOME directory. If
the filename does not contain a slash, it is assumed to be in the GnuPG the filename does not contain a slash, it is assumed to be in the GnuPG
home directory ("~/.gnupg" if @option{--homedir} or $GNUPGHOME is not home directory ("~/.gnupg" unless @option{--homedir} or $GNUPGHOME is
used). used).
Note that this adds a keyring to the current list. If the intent is to Note that this adds a keyring to the current list. If the intent is to
@ -1533,18 +1533,23 @@ use the specified keyring alone, use @option{--keyring} along with
If the option @option{--no-keyring} has been used no keyrings will If the option @option{--no-keyring} has been used no keyrings will
be used at all. be used at all.
Note that if the option @option{use-keyboxd} is enabled in
@file{common.conf}, no keyrings are used at all and keys are all
maintained by the keyboxd process in its own database.
@item --primary-keyring @var{file}
@opindex primary-keyring
This is a varian of @option{--keyring} and designates @var{file} as
the primary public keyring. This means that newly imported keys (via
@option{--import} or keyserver @option{--recv-from}) will go to this
keyring.
@item --secret-keyring @var{file} @item --secret-keyring @var{file}
@opindex secret-keyring @opindex secret-keyring
This is an obsolete option and ignored. All secret keys are stored in This is an obsolete option and ignored. All secret keys are stored in
the @file{private-keys-v1.d} directory below the GnuPG home directory. the @file{private-keys-v1.d} directory below the GnuPG home directory.
@item --primary-keyring @var{file}
@opindex primary-keyring
Designate @var{file} as the primary public keyring. This means that
newly imported keys (via @option{--import} or keyserver
@option{--recv-from}) will go to this keyring.
@item --trustdb-name @var{file} @item --trustdb-name @var{file}
@opindex trustdb-name @opindex trustdb-name
Use @var{file} instead of the default trustdb. If @var{file} begins Use @var{file} instead of the default trustdb. If @var{file} begins
@ -2485,9 +2490,9 @@ opposite meaning. The options are:
signatures. Defaults to yes. signatures. Defaults to yes.
@item bulk-import @item bulk-import
When used the keyboxd (option "use-keyboxd" in @file{common.conf}) When used the keyboxd (option @option{use-keyboxd} in @file{common.conf})
do the import within a single does the import within a single
transaction. This is an experimental feature. transaction.
@item import-minimal @item import-minimal
Import the smallest key possible. This removes all signatures except Import the smallest key possible. This removes all signatures except
@ -3024,10 +3029,8 @@ and may thus be changed or removed at any time without notice.
@item --debug-allow-large-chunks @item --debug-allow-large-chunks
@opindex debug-allow-large-chunks @opindex debug-allow-large-chunks
To facilitate in-memory decryption on the receiving site, the largest To facilitate software tests and experiments this option allows to
recommended chunk size is 128 MiB (@code{--chunk-size 27}). This specify a limit of up to 4 EiB (@code{--chunk-size 62}).
option allows to specify a limit of up to 4 EiB (@code{--chunk-size
62}) for experiments.
@item --faked-system-time @var{epoch} @item --faked-system-time @var{epoch}
@opindex faked-system-time @opindex faked-system-time
@ -3470,11 +3473,14 @@ invalid. This options allows to override this restriction.
@item --no-default-keyring @item --no-default-keyring
@opindex no-default-keyring @opindex no-default-keyring
Do not add the default keyrings to the list of keyrings. Note that Do not add the default keyring to the list of keyrings. Note that
GnuPG will not operate without any keyrings, so if you use this option GnuPG needs for almost all operations a keyring. Thus if you use this
and do not provide alternate keyrings via @option{--keyring} or option and do not provide alternate keyrings via @option{--keyring},
@option{--secret-keyring}, then GnuPG will still use the default public or then GnuPG will still use the default keyring.
secret keyrings.
Note that if the option @option{use-keyboxd} is enabled in
@file{common.conf}, no keyrings are used at all and keys are all
maintained by the keyboxd process in its own database.
@item --no-keyring @item --no-keyring
@opindex no-keyring @opindex no-keyring