When given a file with an armored public GnuPG key, i.e. a file (pubkey.gpg) that was created with:
gpg -r 0xDEADBEEF --export --armored > pubkey.gpg
What is the best way to get information such as the finger print in that file, without importing it into my keyring?
The best way I found so far (and I am not happy with) is:
gpg --dry-run --import pubkey.gpg
Naturally, I grepped the gpg man page, but didn't find an obvious solution.
To print the fingerprint of an on-disk armored key without importing it, just use --with-fingerprint:
> gpg --with-fingerprint jm3.asc
pub 1024R/9112BC51 1996-02-05 john manoogian <jm3@*>
Key fingerprint = C9 DC 27 29 0E 1A DB 50 21 C8 64 08 15 29 41 86
uid john manoogian <jm3@foo...
uid john manoogian <jm3@bar...
uid john manoogian <jm3@baz...
uid john manoogian <jm3@qux...
Voilà!
I don't know that gpg has an option for this, but here's a more flexible workaround for extracting information from the key file:
mkdir temp-gnupg-dir
export GNUPGHOME=temp-gnupg-dir
gpg --import pubkey.gpg
gpg --list-keys
rm -r temp-gnupg-dir
Instead of the GNUPGHOME environment variable, you can pass --homedir=temp-gnupg-dir to every gpg invocation.
You can checkout Kazu Yamamoto's PGP packet visualizer which displays the packet format of OpenPGP (RFC 4880) and PGP version 2 (RFC 1991).
To fetch and compile:
git clone http://github.com/kazu-yamamoto/pgpdump
cd pgpdump
./configure --prefix=/usr/local/ && make && sudo make install
Using it is even simpler:
pgpdump pubkey.gpg
There is also a cgi-bin interface available on this site: http://www.pgpdump.net/cgi-bin/pgpdump
There is more simple solution (tested for GnuPG 2.2.27):
gpg pubkey.gpg
Or, machine-readable result (some upgrades for @jm3 answer):
gpg --with-fingerprint --with-colons pubkey.gpg
