Am Mittwoch 10 November 2010 15:38:39 schrieb Sven Klomp: > I have a public key configuration as follows: > Primary Key (DSA for signing other keys) > - Sub-key 1 (Elgamal for encryption) > - Sub-key 2 (RSA for signing mails/files) > - Sub-key 3 (RSA for encryption) > > How does GnuPG decide, what encryption key should be used? In my tests, a > file or mail is always encrypted with sub-key 3.
AFAIK gpg takes the (compatible) subkey which is valid for the longest remaining period. Unfortunately you cannot even force gpg to use a certain subkey (directly): Giving a subkey ID as encryption target triggers a strange process: gpg looks for the main key of this ID and then selects the subkey as if the main key ID had been given... If you really want to force it then you can export the subkeys to a different keyring (call gpg with --no-default-keyring and --keyring and import the key), delete all other subkeys and start the normal encryption afterwards. Hauke -- PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
