set owner trust from a script
Alphax
alphasigmax at gmail.com
Mon May 29 08:06:22 CEST 2006
Nicolas Rachinsky wrote:
> Hallo,
>
> what is the best way to set the owner trust of a key from a script?
>
I've actually played around with this...
To do ownertrust stuff:
gpg --list-keys --with-colons --with-fingerprint
grep "^fpr"
The fingerprint format is:
fpr:::::::::(fingerprint):
The ownertrust format is:
(fingerprint):(trust):
where trust is:
0: (not settable)
1: expired (not sure what this means)
2: undefined
3: none
4: marginal
5: full
6: ultimate
128: disabled
If you want to set all valid keys with unspecified trust to marginal trust:
gpg --list-keys --with-colons --with-fingerprint `gpg --list-keys \
--with-colons | grep "pub:f:.*:-:" | sed -r -e \
's/pub:f:[0-9]+:[0-9]+:([A-F0-9]+):.*/0x\1/'` | grep "^fpr:" \
| sed -r -e 's/fpr:::::::::([0-9A-F]+):/\1:4:/' | gpg --import-ownertrust
Note that this isn't entirely foolproof and may have unintended
consequences - make backups of your keyring(s) and trustdb first. I've
mainly used it semi-automatically where I check the status of some keys,
run the script, and then re-check the status of the keys.
HTH,
--
Alphax
Death to all fanatics!
Down with categorical imperative!
OpenPGP key: http://tinyurl.com/lvq4g
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 569 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060529/2f3b526e/signature.pgp
More information about the Gnupg-users
mailing list