2011-12-02
We are happy to announce a prototype tool that can help identify keys on a GnuPG public key ring (e.g.
~/.gnupg/pubring.gpg) that
are expired, revoked or due to expire within a configured number of
days. This script, gpg-ring-check
can be found on the tools page.
gpg-ring-check is currently a prototype. We have verified
it works on a number of current Linux distributions, but have also
verified it doesn't currently work properly on a current Mac OS X
machine with GPGTools installed and also not with 2.x versions of GnuPG.
We hope to provide an updated version in the future that will handle all
the different operating systems GnuPG runs on as well as all versions of
GnuPG. We'll also happily accept patches and fixes from the community.
Using this tool is as easy as running it on the command line without any
arguments to get a usage message. Each option should be self
explanatory. By default the script will look for a
pubring.gpg file in ~/.gnupg/pubring.gpg
directory, but you may specify an alternate location. If run with the
-a option and a parameter specifying the number of days
from the current date, it'll look for display the keys that are revoked,
have expired or will expire within the specified number of days. The
DRG uses PGP extensively and we find this tool helpful to help alert us
to keys on our keyring that become unusable or are about to expire. We
hope you too find this script useful. We'd love to hear from you with
feedback.
posted at 12:00 am | permanent link
Apply to DRG
Host a DRG Distro Pod
Insight & Analysis
Tools
Weekend Reads
Security Innovation Grant
Mailing lists
DRG PGP public key
Follow us on Twitter
Feedback: dragon@dragonresearchgroup.org
Archives: