Can preferred order of decryption keys be specified?
Martin Jambor
mjambor at suse.cz
Sat Oct 14 12:06:17 CEST 2023
Hello,
I intend to encrypt stuff for myself using two keys. One of the keys is
on a Yubikey and (probably because it is the default-key for signing?)
it is always tried first, even though the second one is on-disk and the
agent already knows its pass-phrase. This means that when decrypting
this stuff on machines that know about both keys but the Yubikey is not
inserted I get an unnecessary message to insert a card with serial
number XY even when it is not necessary.
When using the throw-keyids option, this gets quite a bit worse and the
dialog appears six times before the correct key is tried and succeeds.
Is there a way to specify a preferred decryption key (that is different
from the default signing key)?
Incidentally, does anybody know how to convince emacs EasyPG to pass
--no-throw-keyids to GPG? :-)
Thank you,
Martin
More information about the Gnupg-users
mailing list