How to set gpg2 as default implementation of gpg on debian?

Solution 1

Answer

update-alternatives only works if a package explicitly uses the alternatives system. gnupg and gnupg2 don't.

Background

Usually the reason is that the user interface differs too much, so that scripts using the one tool won't work anymore if suddenly the other tool runs instead. A typical example here is markdown. Each markdown implementation in Debian has quite different command-line options, hence the alternatives system is not in use there.

gpg's and gpg2's commandline options don't seem to differ much, but maybe the output on certain actions or exit codes differ significantly at some places.

One thing where they differ and which is important for minimal installations and installation media, are their dependencies. While the gnupg package is of priority "standard" (i.e. installed in a standard installation) and a dependency of the package apt, the package gnupg2 pulls in quite some more libraries which are currently only of priority "optional".

There are two open bug reports in Debian, one against each package (#561540 against gnupg and #483724 against gnupg2), requesting the use of the alternatives system for gnupg and gnupg2.

Currently one of these bug reports is tagged wontfix, but the tag is said to be "for now" and there are some hints what needs to be taken care of in case the alternatives system will be used (or gnupg2 will become the default) in the future.

How To, In Case You Really Want

If you really want gpg2 to be called when you call gpg, I recommend adding a corresponding alias in your shell, e.g. with alias gpg=gpg2 for Bourne-shell-compatible shells. It shouldn't do much harm, but it will only work if called from the command line.

If you really want to have /usr/bin/gpg to be gnupg2, you can do that with dpkg-divert, e.g. rename gpg to gpg1 and then gpg2 to gpg. Files renamed with dpkg-divert will keep their new name even after updates of the corresponding packages.

But be warned: APT requires and uses gpg and may not expect it to actually be gpg2. So you may break parts of your system if you use dpkg-divert that way. (Shell aliases for non-root users are fine with regards to that.)
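As an added example (not part of the original answer): a shell alias does not reach scripts, so a script that needs GnuPG 2.x can pick the binary by its reported version instead of diverting /usr/bin/gpg. The function names gpg_major and pick_gpg2 are hypothetical, and the version lines quoted in the comments are constructed samples.

```shell
#!/bin/sh
# Added example: select a GnuPG 2.x binary for one script without
# renaming or diverting /usr/bin/gpg (which APT relies on).

# Print the major version found on the first line of `gpg --version`
# output, e.g. "gpg (GnuPG) 2.0.19" gives 2 (constructed sample line).
# Returns 1 if the first line does not look like a GnuPG banner.
gpg_major() {
    first_line=$(printf '%s\n' "$1" | head -n 1)
    case $first_line in
        "gpg (GnuPG) "[0-9]*) ;;
        *) return 1 ;;
    esac
    version=${first_line#"gpg (GnuPG) "}
    printf '%s\n' "${version%%.*}"
}

# Print the path of the first candidate command that reports a major
# version of 2 or higher. With no arguments the candidates are gpg2 and
# then gpg, the two command names discussed in the answer above.
# Returns 1 if no candidate qualifies.
pick_gpg2() {
    [ "$#" -gt 0 ] || set -- gpg2 gpg
    for candidate in "$@"; do
        command -v "$candidate" >/dev/null 2>&1 || continue
        output=$("$candidate" --version 2>/dev/null) || continue
        major=$(gpg_major "$output") || continue
        if [ "$major" -ge 2 ]; then
            command -v "$candidate"
            return 0
        fi
    done
    return 1
}

# Typical use inside a script (assumption: the script only needs 2.x):
#   GPG=$(pick_gpg2) || { echo "GnuPG 2.x not found" >&2; exit 1; }
#   "$GPG" --verify file.sig file
```

Because the choice is made per script, APT and other system tools keep calling the unmodified /usr/bin/gpg.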

Solution 2

There will be a new answer to that question very soon: Use Debian 9 Stretch (to be released in like 2 years or so ;-) or newer.

Background: At DebConf15 the Debian GnuPG Package Maintainers announced that in the future, GnuPG 2.x will be /usr/bin/gpg in Debian and the GnuPG 1.x command will be renamed to /usr/bin/gpg1.

You still won't be able to switch /usr/bin/gpg to another GnuPG version to your liking (see my other answer for the reason behind this), but at least GnuPG 2.x will be the default implementation in the near future in Debian Unstable and Debian Testing and very soon in Debian Experimental.

Author: user329476

Updated on September 18, 2022

Comments

  • user329476
    user329476 over 1 year

    My debian installation came with gpg 1.4.12, while I would like to be running 2.0.19. The former comes in the package gnupg and the latter gnupg2. They can coexist peacefully as far as I know, but I would really like to use gpg2 as the default provider of gpg. I know debian has update-alternatives which is used for setting defaults, but I can't find any mention of gpg or gnupg in it.

    How can I set this up?

  • peterh
    peterh almost 7 years
    Side note, 2017-06-14: Debian tools in the latest stable version still use hardcoded gpg1 internally. Debian forks (Ubuntu, Mint) seem to fix it.
  • Axel Beckert
    Axel Beckert almost 7 years
    Side note, 2017-06-17: debian tools in the latest stable version use gpg2. (Yes, I can see into the future. ;-) Just kidding, but @peterh wrote that comment just like three days before the next Debian Stable release will be released which changes exactly that.
  • peterh
    peterh over 6 years
    Good, thanks! However, digging into gpg2 has taught me pretty well why you were so slow to upgrade the gpg versions. I think the real cause of the problem is gpg. I think maybe a project fork is needed, how about it? If somebody would simply open a gpg2 fork on GitHub and fix all of its braindamages, how would it be received? I am thinking of doing it, but it simply isn't worth its price if it remains a forgotten archive forever.