42
14
How do I make GnuPG (specifically version 1.4.12) display the full, 64-bit (8-byte) key ID for a key on a keyring on my system?
Doing gpg --list-keys --fingerprint XXXXXXXX only displays the 32-bit portion of the key ID, which I already know, and the fingerprint (which at least in the past has not necessarily been the same as the key ID, although the rightmost 32 bits do match in this particular case).
Googling turned up some pages about the importance of specifying the 64-bit key ID to minimize the risk of collisions, and some GnuPG options which want or accept a long key ID, but I couldn't find anything about how to actually display the long key ID.
a CVn
Posted 2013-07-12T21:20:27.177
Reputation: 26 553
1The reason why Paulo's suggestion is better is that the --with-colons format is guaranteed to work, because the --with-colons option is guaranteed to be backwards-compatible, for programmatic access. Other options do not necessarily have that output format guarantee. – Christopher – 2015-06-10T23:58:02.280
1Except the positioning of some values on some platforms isn't always identical. It usually is, but not quite consistently enough for true, programmatic platform independence. Unfortunately I can't recall which variation broke the pattern, but I do recall it being discussed on gnupg-users; I believe in relation to a discussion about counting the number of keys in a keyring. – Ben – 2015-06-14T09:01:49.573
@Christopher That is certainly a consideration when you're scripting something, or trying to parse the output. For human consumption, however, it certainly is not a major consideration, as when properly calibrated, the human brain is a highly adaptive fuzzy logic matcher. – a CVn – 2015-07-23T18:06:26.450
@MichaelKjörling The scriptable solution is also a future-proof answer for humans. – Christopher – 2015-07-24T19:17:49.027
Ah, but if you really want future-proof, there's no set in stone guarantee of that, but you may get closer to that utilising GPGME rather than having code calling user space commands. – Ben – 2015-07-25T14:24:01.817
If you add the line
keyid-format 0xlongto~/.gnupg/gpg.confyou can change the default behavior for gpg2 (I haven't tested gpg v1) to use the full key length. – lukecampbell – 2017-04-24T14:46:58.710This is even more important in newer
gpgversions (e.g. 2.2.4), because-kdoesn't show the subkey IDs by default. That makes it very difficult to match IDs. With--keyid-format long,-kwill show the subkey IDs. – wisbucky – 2019-07-09T23:16:49.667This is actually even better IMO, as the output is much more readable than in Paulo's suggestion (which is still valid). – a CVn – 2013-09-30T07:21:17.327
5Yeah, I prefer the longer format so much that I have "keyid-format 0xLONG" in my gpg.conf so I don't have to specify it each time. Using --keyid-format 0xSHORT will display keys the default way. – Ben – 2013-09-30T08:56:28.667