I see two directories ~/.gnupg and /root/.gnupg in my computer. There are some common files (private keys) and some files that are different (pubring).
Why is there a copy of my private keys etc in the root directory?
Can I delete the /root/.gnupg?
1 Answer
You can delete ~/.gnupg or anything that's under your user's directory. However, it will be created again whenever you run GnuPG or any program that runs GnuPG under the hood, like the APT package manager.
However, you should not delete anything that belongs to root unless you know what you're doing explicitly. If I were you, I'd leave it alone since it'll hardly do any damage to the system.
So, in short -
All user accounts will have a .gnupg directory if they run anything that uses GPG. Since both root and sudoers can do this, it's very common for systems to have multiple copies of this directory.
- You are right that a gnupg directory is initiated automatically. However, deleting any of those directories will delete the keys. The pubring files for example are different. Also, it's unclear if you move the secret keys in ~/ to a hardware key, the keys in /root/ will be deleted.eli– eli2020-04-22 22:11:35 +00:00Commented Apr 22, 2020 at 22:11
- Overall it's unclear what's the job of /root/.gnupg. Perhaps to gather some metadata from all users keys ... the concern is if one moves the keys to a Yubikey or make other changes, any traces of the secret keys remains in the root.eli– eli2020-04-22 22:16:13 +00:00Commented Apr 22, 2020 at 22:16