5

I would like to set the expiration date of a GPG subkey in the past, but gpg --edit-key does not allow me to. Is there any workaround to that?

Rationale: it is useful to set the expiration date of a subkey in the past in order to temporarily disable it. If you just revoke it, you lose the ability to enable it again later on.

Gilles 'SO- stop being evil'
  • 807,993
  • 194
  • 1,674
  • 2,175
Giovanni Mascellani
  • 439
  • 3
  • 12

1 Answers1

6

A possible workaround is to use faketime to convince gnupg to not complain. See this other question:

$ faketime 'last week' gpg2 --edit-key ABCDEF12

and then use ordinary commands to expire the subkey tomorrow. That "tomorrow" will actually be six days ago.

Community
  • 1
Giovanni Mascellani
  • 439
  • 3
  • 12