On Sat, 11 Nov 2000, kmself@ix.netcom.com wrote: > There are two general problems with a public key infrastructure: > > - Key distribution (the 'keyserver' line handles this). > - Key modification updates.
See attached script. Modify it for your needs, or write a new one that isn't such an ugly hack :-) -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh
#!/bin/sh
## GNUPG Maintenance script
##
###
### User-defined parameters
###
## Read-Only keyrings
ROKEYRINGS="/usr/share/keyrings/debian-keyring.gpg /usr/share/keyrings/debian-keyring.pgp"
## Keyserver list
#KEYSERVERS="keyring.debian.org wwwkeys.eu.pgp.net wwwkeys.us.pgp.net"
KEYSERVERS="wwwkeys.eu.pgp.net wwwkeys.us.pgp.net"
PROG=`basename $0`
########################################################################
set +e
if test -x /usr/bin/time; then
TIMECMD=/usr/bin/time
else
TIMECMD=
fi
runupdate() {
# Does an update run
gpg --batch --list-keys --fast-list | grep ^pub\ | awk '{ print $2 }' | sed s/^.*\\/// | xargs -r ${TIMECMD} gpg -q --batch --lock-multiple --recv-key $@
}
## First, update public ring from any readonly keyrings
echo ${PROG}: Updating RW keyring from RO keyrings...
echo ${PROG}: Keyrings: ${ROKEYRINGS}
${TIMECMD} gpg --batch --quiet --fast-import ${ROKEYRINGS}
echo
## Now, refresh key data from dynamic sources
echo ${PROG}: Requesting fresh key data from public keyservers...
for i in ${KEYSERVERS} ; do
echo ${PROG}: Keyserver ${i}...
runupdate --keyserver ${i}
echo
done
## Now, rebuild database
echo ${PROG}: Rebuilding trust database...
gpg --batch --quiet --update-trustdb
echo ${PROG}: DONE.
pgpoexVQkCMib.pgp
Description: PGP signature
