[Pkg-gnupg-maint] Bug#501630: gnupg: breaks symlink for secret keyring
Peter Palfrader
weasel at debian.org
Sun Oct 19 11:10:03 UTC 2008
On Wed, 08 Oct 2008, Ian Zimmerman wrote:
> The GNU Privacy Handbook says:
>
> Safely storing your private key is important, but there is a cost.
> Ideally, you would keep the private key on a removable, write-protected
> disk such as a floppy disk, and you would use it on a single-user
> machine not connected to a network.
>
> However, it turns out gpg makes following this advice hard. If ~/.gnupg/secring.gpg
> is a symlink (in my case, to a file on a USB fob), and the keyring changes
> (for example, deleting a public-private key pair), gpg breaks the symlink and creates
> a new file where the symlink was, instead of modifying the target of the symlink.
That's probably a side-effect of safely updating keyrings: write to a
temporary file, then move the now consistent new keyring in its proper
place. If you want to have your secret keyring some place else you
should use the --secret-keyring option (or "secret-keyring" in your gpg
config file).
--
| .''`. ** Debian GNU/Linux **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/
More information about the Pkg-gnupg-maint
mailing list