Next: , Previous: GPG Key related Options, Up: GPG Options


4.2.3 Input and Output

--armor
-a
Create ASCII armored output. The default is to create the binary OpenPGP format.
--no-armor
Assume the input data is not in ASCII armored format.
--output file
-o file
Write output to file.
--max-output n
This option sets a limit on the number of bytes that will be generated when processing a file. Since OpenPGP supports various levels of compression, it is possible that the plaintext of a given message may be significantly larger than the original OpenPGP message. While GnuPG works properly with such messages, there is often a desire to set a maximum file size that will be generated before processing is forced to stop by the OS limits. Defaults to 0, which means "no limit".
--import-options parameters
This is a space or comma delimited string that gives options for importing keys. Options can be prepended with a `no-' to give the opposite meaning. The options are:
import-local-sigs
Allow importing key signatures marked as "local". This is not generally useful unless a shared keyring scheme is being used. Defaults to no.
keep-ownertrust
Normally possible still existing ownertrust values of a key are cleared if a key is imported. This is in general desirable so that a formerly deleted key does not automatically gain an ownertrust values merely due to import. On the other hand it is sometimes necessary to re-import a trusted set of keys again but keeping already assigned ownertrust values. This can be achived by using this option.
repair-pks-subkey-bug
During import, attempt to repair the damage caused by the PKS keyserver bug (pre version 0.9.6) that mangles keys with multiple subkeys. Note that this cannot completely repair the damaged key as some crucial data is removed by the keyserver, but it does at least give you back one subkey. Defaults to no for regular --import and to yes for keyserver --recv-keys.
merge-only
During import, allow key updates to existing keys, but do not allow any new keys to be imported. Defaults to no.
import-clean
After import, compact (remove all signatures except the self-signature) any user IDs from the new key that are not usable. Then, remove any signatures from the new key that are not usable. This includes signatures that were issued by keys that are not present on the keyring. This option is the same as running the --edit-key command "clean" after import. Defaults to no.
import-minimal
Import the smallest key possible. This removes all signatures except the most recent self-signature on each user ID. This option is the same as running the --edit-key command "minimize" after import. Defaults to no.

--export-options parameters
This is a space or comma delimited string that gives options for exporting keys. Options can be prepended with a `no-' to give the opposite meaning. The options are:
export-local-sigs
Allow exporting key signatures marked as "local". This is not generally useful unless a shared keyring scheme is being used. Defaults to no.
export-attributes
Include attribute user IDs (photo IDs) while exporting. This is useful to export keys if they are going to be used by an OpenPGP program that does not accept attribute user IDs. Defaults to yes.
export-sensitive-revkeys
Include designated revoker information that was marked as "sensitive". Defaults to no.
export-clean
Compact (remove all signatures from) user IDs on the key being exported if the user IDs are not usable. Also, do not export any signatures that are not usable. This includes signatures that were issued by keys that are not present on the keyring. This option is the same as running the --edit-key command "clean" before export except that the local copy of the key is not modified. Defaults to no.
export-minimal
Export the smallest key possible. This removes all signatures except the most recent self-signature on each user ID. This option is the same as running the --edit-key command "minimize" before export except that the local copy of the key is not modified. Defaults to no.

--with-colons
Print key listings delimited by colons. Note that the output will be encoded in UTF-8 regardless of any --display-charset setting. This format is useful when GnuPG is called from scripts and other programs as it is easily machine parsed. The details of this format are documented in the file doc/DETAILS, which is included in the GnuPG source distribution.
--print-pka-records
Modify the output of the list commands to print PKA records suitable to put into DNS zone files. An ORIGIN line is printed before each record to allow diverting the records to the corresponding zone file.
--fixed-list-mode
Do not merge primary user ID and primary key in --with-colon listing mode and print all timestamps as seconds since 1970-01-01. Since GnuPG 2.0.10, this mode is always used and thus this option is obsolete; it does not harm to use it though.
--legacy-list-mode
Revert to the pre-2.1 public key list mode. This only affects the human readable output and not the machine interface (i.e. --with-colons). Note that the legacy format does not allow to convey suitable information for elliptic curves.
--with-fingerprint
Same as the command --fingerprint but changes only the format of the output and may be used together with another command.
--with-icao-spelling
Print the ICAO spelling of the fingerprint in addition to the hex digits.
--with-keygrip
Include the keygrip in the key listings.
--with-secret
Include info about the presence of a secret key in public key listings done with --with-colons.