On Sat, 14 Oct 2023 12:06, Martin Jambor said: > Is there a way to specify a preferred decryption key (that is different > from the default signing key)?
Although we meanwhile have a way to set preferences for ssh keys [1] we don't have this for decryption keys. :-( > Incidentally, does anybody know how to convince emacs EasyPG to pass > --no-throw-keyids to GPG? :-) Elisp is easy to modify ;-). One other idea: Replace the throw-keyid in gpg.conf by --8<---------------cut here---------------start------------->8--- [getenv no_throw_keyid NO_THROW_KEYID] [if $no_throw_keyid -z ] throw-keyid [fi] --8<---------------cut here---------------end--------------->8--- and then have Emacs to set the NO_THROW_KEYID envvar to 1 or so. Shalom-Salam, Werner [1] In the respective .key file you may put this name/value: *** Use-for-ssh If given and the value is "yes" or "1" the key is allowed for use by gpg-agent's ssh-agent implementation. This is thus the same as putting the keygrip into the 'sshcontrol' file. Only one such item should exist. If another non-zero value between 1 and 99999 is used, this is taken to establish the order in which the keys are returned to ssh; lower numbers are returned first. If a negative value is used this overrides currently active (inserted) cards and thus allows to prefer on-disk keys over inserted cards. A value of -1 has the highest priority; values are capped at -999 and have a lower priority but still above the positive values, inserted cards or the order in sshcontrol. -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein
openpgp-digital-signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users