From d9b31d3a20b89a5ad7e9a2158b6da63a9a37fa8a Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 27 May 2019 10:40:38 +0200 Subject: gpg: Allow deletion of subkeys with --delete-[secret-]key. * common/userids.c (classify_user_id): Do not set the EXACT flag in the default case. * g10/export.c (exact_subkey_match_p): Make static, * g10/delkey.c (do_delete_key): Implement subkey only deleting. -- GnuPG-bug-id: 4457 --- doc/gpg.texi | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'doc/gpg.texi') diff --git a/doc/gpg.texi b/doc/gpg.texi index 67f0e8b11..74862e526 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -404,7 +404,10 @@ functionality is also available as the subcommand "passwd" with the @opindex delete-keys Remove key from the public keyring. In batch mode either @option{--yes} is required or the key must be specified by fingerprint. This is a -safeguard against accidental deletion of multiple keys. +safeguard against accidental deletion of multiple keys. If the +exclamation mark syntax is used with the fingerprint of a subkey only +that subkey is deleted; if the exclamation mark is used with the +fingerprint of the primary key the entire public key is deleted. @item --delete-secret-keys @var{name} @opindex delete-secret-keys @@ -413,7 +416,10 @@ specified by fingerprint. The option @option{--yes} can be used to advice gpg-agent not to request a confirmation. This extra pre-caution is done because @command{@gpgname} can't be sure that the secret key (as controlled by gpg-agent) is only used for the given -OpenPGP public key. +OpenPGP public key. If the exclamation mark syntax is used with the +fingerprint of a subkey only the secret part of that subkey is +deleted; if the exclamation mark is used with the fingerprint of the +primary key only the secret part of the primary key is deleted. @item --delete-secret-and-public-key @var{name} -- cgit v1.2.3