Here is the shell script used for this purpose. It creates a temporary keyring, installs the specified public key into it, launches the specified command, and then deletes the temporary keyring.
Note that this installs the key from the key server. You should not try to configure it to use the key that you already have on the disk (and I must add an option to do just that).
Update: see https://github.com/Keith-S-Thompson/gpg-tmp
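```sh
#!/bin/sh

# First argument is the key ID; the rest is passed through to gpg.
keyid=$1

case "$keyid" in
    ????????) ;;
    *) echo "Usage: $0 key args..." 1>&2
       exit 1 ;;
esac
# Shift only after validation: with no arguments, some shells abort on shift
# before the usage message can be printed.
shift

tmp_keyring=$HOME/$keyid-keyring.gpg

# Fetch the key from the key server into the temporary keyring only.
gpg --no-default-keyring --keyring "$tmp_keyring" --recv-keys "$keyid"
# Run the requested gpg command against the temporary keyring.
gpg --no-default-keyring --keyring "$tmp_keyring" "$@"
rm -f "$tmp_keyring"
```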
It acts like a gpg command, but takes an additional initial argument specifying an 8-digit key identifier.
Sample Usage:
```
$ gpg coreutils-8.9.tar.gz.sig
gpg: Signature made Tue 04 Jan 2011 07:04:25 AM PST using RSA key ID 000BEEEE
gpg: Can't check signature: public key not found
$ gpg-tmp 000BEEEE coreutils-8.9.tar.gz.sig
gpg: keyring `/home/kst/000BEEEE-keyring.gpg' created
gpg: requesting key 000BEEEE from hkp server subkeys.pgp.net
gpg: key 000BEEEE: public key "Jim Meyering <jim@meyering.net>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg: Signature made Tue 04 Jan 2011 07:04:25 AM PST using RSA key ID 000BEEEE
gpg: Good signature from "Jim Meyering <jim@meyering.net>"
gpg: aka "Jim Meyering <meyering@gnu.org>"
gpg: aka "Jim Meyering <meyering@redhat.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 155D 3FC5 00C8 3448 6D1E EA67 7FD9 FCCB 000B EEEE
```
Keep in mind that this says absolutely nothing about the validity of the key, but it is useful as an integrity check.
(I wonder how many keys Jim Meyering generated before he received this one.)
Keith Thompson
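An 8-digit key ID can be generated on purpose, so a "Good signature" from a key fetched by short ID only shows integrity against whichever key the server returned. As an added example (not part of the original answer or the gpg-tmp project), the sketch below pins the full 40-hex-digit fingerprint and checks it against the `VALIDSIG` line of gpg's `--status-fd` output; the function names `normalize_fpr`, `status_matches_fpr` and `verify_pinned` are hypothetical.

```shell
#!/bin/sh
# Added example: verify against a pinned full fingerprint, not a short key ID.

# Strip spaces and uppercase, so "155D 3FC5 ..." and "155d3fc5..." compare equal.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F'
}

# Read gpg --status-fd lines on stdin.
# Returns 0 if a VALIDSIG line names the expected primary key fingerprint,
# 1 if none does, 2 if the expected value is not a full 40-hex-digit fingerprint.
status_matches_fpr() {
    want=$(normalize_fpr "$1")
    case "$want" in
        ""|*[!0-9A-F]*) return 2 ;;
    esac
    [ "${#want}" -eq 40 ] || return 2
    # VALIDSIG carries the signing key fingerprint in field 3 and, when present,
    # the primary key fingerprint as the last (12th) field.
    awk -v want="$want" '
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" {
            fpr = (NF >= 12) ? $12 : $3
            if (toupper(fpr) == want) ok = 1
        }
        END { exit (ok ? 0 : 1) }'
}

# verify_pinned FINGERPRINT SIGFILE [DATAFILE]
# Fetches the key into a throwaway keyring inside a private mktemp directory
# (instead of a predictable path under $HOME) and verifies against it.
verify_pinned() {
    fpr=$(normalize_fpr "$1")
    shift
    tmpdir=$(mktemp -d) || return 1
    gpg --batch --no-default-keyring --keyring "$tmpdir/keyring.gpg" \
        --recv-keys "$fpr" >/dev/null 2>&1 &&
    gpg --batch --no-default-keyring --keyring "$tmpdir/keyring.gpg" \
        --status-fd 1 --verify "$@" 2>/dev/null | status_matches_fpr "$fpr"
    rc=$?
    rm -rf "$tmpdir"
    return "$rc"
}
```

The fingerprint to pin has to come from a channel other than the key server, for example `verify_pinned "155D 3FC5 00C8 3448 6D1E EA67 7FD9 FCCB 000B EEEE" coreutils-8.9.tar.gz.sig` once that value has been confirmed independently.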