Ale*_*lex 4 trust automation gnupg pgp
我只需要信任一堆公钥就可以通过 pass 来使用它。不幸的是,我没有找到一种简单的方法来信任我本地存储的所有公钥。我发现它的收益按时间顺序相当昂贵:
> gpg --edit-key XXXXXXXXXXXXXXXX
gpg (GnuPG) 2.2.10; Copyright (C) 2018 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
pub rsa4096/XXXXXXXXXXXXXXXX
created: 2018-11-16 expires: never usage: SC
trust: unknown validity: unknown
sub rsa4096/XXXXXXXXXXXXXXXX
created: 2018-11-16 expires: never usage: E
[ unknown] (1). email@example.com
gpg> trust
pub rsa4096/XXXXXXXXXXXXXXXX
created: 2018-11-16 expires: never usage: SC
trust: unknown validity: unknown
sub rsa4096/XXXXXXXXXXXXXXXX
created: 2018-11-16 expires: never usage: E
[ unknown] (1). email@example.com
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
Your decision? y
Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
pub rsa4096/XXXXXXXXXXXXXXXX
created: 2018-11-16 expires: never usage: SC
trust: ultimate validity: unknown
sub rsa4096/XXXXXXXXXXXXXXXX
created: 2018-11-16 expires: never usage: E
[ unknown] (1). email@example.com
Please note that the shown key validity is not necessarily correct
unless you restart the program.
gpg> q
怎样才能快速做到呢?
环顾四周,我发现了一个描述该过程的博客: ow-to-ultimately-trust-a-public-key-non-interactively
然而,那里提出的解决方案不适用于当前的 gpg 版本。为了使其正常工作,我使用了以下命令:
gpg --list-keys --fingerprint |grep pub -A 1|egrep -Ev "pub|--"|tr -d ' ' \
| awk 'BEGIN { FS = "\n" } ; { print $1":6:" } ' | gpg --import-ownertrust
基本上,它创建一个所有者信任文本,然后由 gpg 即时导入。
| 归档时间: |
|
| 查看次数: |
3769 次 |
| 最近记录: |