Why does gpg --list-keys modify my keyring?

information-security gnupg
2021-08-20 23:07:25

I am worried that listing the keys in my GPG keyring changes my pubring.gpg and trustdb.gpg files. I expected listing keys to be a read-only operation.

Do you know what causes this? If there is no good reason for it, is there a way to prevent it? Verifying the authenticity of these files by their hashes would make my work easier.

Script to reproduce

rm keys -rf
mkdir keys

gpg --homedir keys --gen-key --batch <<EOF
Key-Type: RSA
Key-Length: 2048
SubKey-Type: RSA
SubKey-Length: 2048
Name-Real: Test
Expire-Date: 0
EOF

find keys -type f -exec sha256sum {} \;

gpg --homedir keys --list-keys

find keys -type f -exec sha256sum {} \;

Sample output

gpg: WARNING: unsafe permissions on homedir `keys'
gpg: keyring `keys/secring.gpg' created
gpg: keyring `keys/pubring.gpg' created
.....+++++
..+++++
...+++++
..+++++
gpg: keys/trustdb.gpg: trustdb created
gpg: key A492C6DF marked as ultimately trusted
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  keys/pubring.gpg~
a5791aee44c5496e11105a9ecd6d1dc41b64c19f3ad236a21ad854fe636dda3a  keys/random_seed
357de0c1a72450c653f6a1bd472bc50db975e4016644967cd49c3edcd416bdac  keys/pubring.gpg
f408c36e2f20bcd79da92ddbbb9866fa47bd5c1cfa1457b09a8a7560ac52f94f  keys/secring.gpg
854fa0608f4a3d8ff264c4720c4c6e3a72db9a37a6e28244705f6dd3cd954ebf  keys/trustdb.gpg
gpg: WARNING: unsafe permissions on homedir `keys'
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
keys/pubring.gpg
----------------
pub   2048R/A492C6DF 2017-03-02
uid                  Test
sub   2048R/CBA76512 2017-03-02

357de0c1a72450c653f6a1bd472bc50db975e4016644967cd49c3edcd416bdac  keys/pubring.gpg~
a5791aee44c5496e11105a9ecd6d1dc41b64c19f3ad236a21ad854fe636dda3a  keys/random_seed
d8d723c224be6e54099305f18d6064758b05033698d64c7d6c591e518b6116ad  keys/pubring.gpg
f408c36e2f20bcd79da92ddbbb9866fa47bd5c1cfa1457b09a8a7560ac52f94f  keys/secring.gpg
7bb05436e0077fbe90f3407ebd90d62a6d2983c878de9bfc6bf44d6ae724cf04  keys/trustdb.gpg
1 Answer

When you use --list-keys for the first time, GPG implicitly performs a trust database check (because you have not done one before). This also shows up in your log:

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model

Checking the trust database is not a read-only process. It changes at least the timestamp in the trustdb.gpg file. This is what the check does:

--check-trustdb
       Do  trust  database  maintenance  without user interaction. From
       time to time the trust database must be updated so that  expired
       keys or signatures and the resulting changes in the Web of Trust
       can be tracked. Normally, GnuPG  will  calculate  when  this  is
       required  and do it automatically unless --no-auto-check-trustdb
       is set. [...]

Verifying the authenticity of these files by their hashes would make my work easier.

Key files do not contain only the key parameters; they also carry attached metadata. There is no guarantee that two files containing the same key always produce the same file hash. So if you want to compare them, you should use the fingerprint of the specific key (--fingerprint) rather than hashing the files.

Also, if you do not want to keep your ownertrust settings (or do not have any), you do not need to back up the trust database at all; you can delete the trustdb.gpg file (although it will reappear at the next check).

(I could not reproduce any change to pubring.gpg with your script.)
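The two points of the answer (list keys without triggering the trustdb check, and compare keyrings by fingerprint rather than by file hash) as an added example script; it is not part of the question or answer. The --with-colons output embedded below is constructed sample data, and the fingerprints in it are made up (only their last 8 hex digits echo the key IDs from the question).

```shell
#!/bin/sh
# Added example: compare GnuPG keyrings by key fingerprint instead of file
# hash, listing keys without the implicit trustdb maintenance.
# Assumes POSIX sh with awk and sort; gpg is only run when two homedirs
# are passed on the command line.

# Read `gpg --with-colons` output on stdin and print the full fingerprints
# (field 10 of "fpr" records), one per line, sorted so order is irrelevant.
extract_fprs() {
    awk -F: '$1 == "fpr" { print $10 }' | sort
}

# Fingerprints of every public key in a GnuPG home directory.
# --no-auto-check-trustdb (from the manual excerpt quoted in the answer)
# stops --list-keys from rewriting trustdb.gpg as a side effect.
list_fingerprints() {
    gpg --homedir "$1" --no-auto-check-trustdb --with-colons --fingerprint \
        --list-keys 2>/dev/null | extract_fprs
}

# Return 0 when two newline-separated fingerprint sets are identical.
same_keys() {
    [ "$1" = "$2" ]
}

# Constructed --with-colons output: the same key listed before and after a
# trustdb check. Only the "tru" record (trustdb timestamp) differs, so a file
# hash would change while the key material does not.
SAMPLE_BEFORE='tru::1:1629500000:0:3:1:5
pub:u:2048:1:01234567A492C6DF:1488412800:::u:::scESC::::::23::0:
fpr:::::::::0123456789ABCDEF0123456789ABCDEFA492C6DF:
uid:u::::1488412800::0000000000000000000000000000000000000000::Test::::::::::0:
sub:u:2048:1:89ABCDEFCBA76512:1488412800::::::e::::::23:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210CBA76512:'
SAMPLE_AFTER=$(printf '%s\n' "$SAMPLE_BEFORE" | sed '1s/.*/tru::1:1629586400:0:3:1:5/')
# A third keyring with an extra (made-up) key, to show a genuine mismatch.
SAMPLE_OTHER="$SAMPLE_BEFORE
pub:u:2048:1:1111111122222222:1488412800:::u:::scESC::::::23::0:
fpr:::::::::11111111111111111111111111111111111111122222222:"

# Stand-alone use: compare two GnuPG home directories by fingerprint.
if [ "$#" -eq 2 ]; then
    if same_keys "$(list_fingerprints "$1")" "$(list_fingerprints "$2")"; then
        echo "same keys"
    else
        echo "keys differ"
        exit 1
    fi
fi
```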