On Mar 4, 2009, at 11:20 PM, Faramir wrote:
Well, I followed the tutorial that shows how to use just subkeys
(without the main key), in order to keep the main key a bit safer than
usual. But that made me play a bit with the GPGShell options for GPG,
and managed to make it work, allowing to easily access my "whole"
keys,
and to switch to subkeys after using them. The "magic" is done by
adding
the following line to gpg.conf:
secret-keyring z:\gpghome\secring.gpg
(that's the location of the secring that has the unedited keys)
But my question is: what does that line do? When it is in gpg.conf, do
I have the 2 secrings at the same time, or it replaces the usage of
the
keyring located in gpghome with the one on my z drive?
Here's how it works: GPG allows for multiple public keyrings (via
"keyring") and multiple secret keyrings (via "secret-keyring"). The
default public keyring is $GNUPGHOME/pubring.gpg. The default secret
keyring is $GNUPGHOME/secring.gpg. Any keyrings, public or secret,
that you add are in addition to those defaults. If you don't want the
defaults to be present at all, use --no-default-keyring.
Thus in your case, you have two secret keyrings, unless there is a --
no-default-keyring somewhere or $GNUPGHOME/secring.gpg does not exist.
David
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
