Me preocupa que la lista de claves en mi conjunto de claves GPG cambie mis archivos pubring.gpg
y trustdb.gpg
. Esperaba que las claves del listado fueran una operación de solo lectura.
¿Sabrías cuál es la razón? Si no hay una buena razón, ¿hay alguna manera de prevenirla? Tomar los hashes de estos archivos para verificar su autenticidad facilitaría mi trabajo.
Script para reproducir
rm keys -rf
mkdir keys
gpg --homedir keys --gen-key --batch <<EOF
Key-Type: RSA
Key-Length: 2048
SubKey-Type: RSA
SubKey-Length: 2048
Name-Real: Test
Expire-Date: 0
EOF
find keys -type f -exec sha256sum {} \;
gpg --homedir keys --list-keys
find keys -type f -exec sha256sum {} \;
Salida de muestra
gpg: WARNING: unsafe permissions on homedir 'keys'
gpg: keyring 'keys/secring.gpg' created
gpg: keyring 'keys/pubring.gpg' created
.....+++++
..+++++
...+++++
..+++++
gpg: keys/trustdb.gpg: trustdb created
gpg: key A492C6DF marked as ultimately trusted
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 keys/pubring.gpg~
a5791aee44c5496e11105a9ecd6d1dc41b64c19f3ad236a21ad854fe636dda3a keys/random_seed
357de0c1a72450c653f6a1bd472bc50db975e4016644967cd49c3edcd416bdac keys/pubring.gpg
f408c36e2f20bcd79da92ddbbb9866fa47bd5c1cfa1457b09a8a7560ac52f94f keys/secring.gpg
854fa0608f4a3d8ff264c4720c4c6e3a72db9a37a6e28244705f6dd3cd954ebf keys/trustdb.gpg
gpg: WARNING: unsafe permissions on homedir 'keys'
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
keys/pubring.gpg
----------------
pub 2048R/A492C6DF 2017-03-02
uid Test
sub 2048R/CBA76512 2017-03-02
357de0c1a72450c653f6a1bd472bc50db975e4016644967cd49c3edcd416bdac keys/pubring.gpg~
a5791aee44c5496e11105a9ecd6d1dc41b64c19f3ad236a21ad854fe636dda3a keys/random_seed
d8d723c224be6e54099305f18d6064758b05033698d64c7d6c591e518b6116ad keys/pubring.gpg
f408c36e2f20bcd79da92ddbbb9866fa47bd5c1cfa1457b09a8a7560ac52f94f keys/secring.gpg
7bb05436e0077fbe90f3407ebd90d62a6d2983c878de9bfc6bf44d6ae724cf04 keys/trustdb.gpg