2012-03-22 13:45:01 +01:00
|
|
|
# Options for GnuPG
|
|
|
|
# Copyright 1998, 1999, 2000, 2001, 2002, 2003,
|
|
|
|
# 2010 Free Software Foundation, Inc.
|
2018-09-18 20:37:28 +02:00
|
|
|
# 2012 - 2018 Mikaela Suomalainen
|
2012-03-22 13:45:01 +01:00
|
|
|
# This file is free software; as a special exception the author gives
|
|
|
|
# unlimited permission to copy and/or distribute it, with or without
|
|
|
|
# modifications, as long as this notice is preserved.
|
|
|
|
#
|
|
|
|
# This file is distributed in the hope that it will be useful, but
|
|
|
|
# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
|
|
|
|
# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
|
|
|
#
|
|
|
|
# Unless you specify which option file to use (with the command line
|
|
|
|
# option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf
|
|
|
|
# by default.
|
|
|
|
#
|
|
|
|
# An options file can contain any long options which are available in
|
|
|
|
# GnuPG. If the first non white space character of a line is a '#',
|
|
|
|
# this line is ignored. Empty lines are also ignored.
|
|
|
|
#
|
|
|
|
# See the man page for a list of options.
|
|
|
|
|
2019-07-01 10:47:27 +02:00
|
|
|
#keyserver-options auto-key-retrieve no-include-revoked
|
2015-01-10 12:49:58 +01:00
|
|
|
#import-clean
|
2012-08-11 09:56:01 +02:00
|
|
|
|
2012-12-21 18:50:44 +01:00
|
|
|
# Try to automatically find keys from keyserver if key for email address isn't found, but we are encrypting to email address.
|
|
|
|
auto-key-locate keyserver
|
|
|
|
|
2012-12-21 12:19:49 +01:00
|
|
|
# Use my key by default
|
2014-10-09 19:25:11 +02:00
|
|
|
#default-key 0x0C207F07B2F32B67 # MIKAELA_GREP # MIKAELA_GREP_GPG
|
2012-12-21 12:19:49 +01:00
|
|
|
|
|
|
|
# Encrypt to sender's key by default
|
2012-03-22 13:45:01 +01:00
|
|
|
default-recipient-self
|
2012-12-21 12:19:49 +01:00
|
|
|
|
|
|
|
# Always encrypt to my key
|
2014-10-09 19:25:11 +02:00
|
|
|
#encrypt-to 0x0C207F07B2F32B67# MIKAELA_GREP MIKAELA_GREP_GPG
|
2012-12-21 12:19:49 +01:00
|
|
|
|
|
|
|
# Use UTF-8 charset
|
2012-03-22 13:45:01 +01:00
|
|
|
charset UTF-8
|
2012-12-21 18:50:44 +01:00
|
|
|
display-charset utf-8
|
2012-12-21 12:19:49 +01:00
|
|
|
|
2018-09-18 20:37:28 +02:00
|
|
|
# use GPG Agent to avoid retyping passphrase very often.
|
2012-08-06 11:16:56 +02:00
|
|
|
use-agent
|
2012-12-21 12:19:49 +01:00
|
|
|
|
|
|
|
# Do everything in ASCII format by default instead of binary
|
2012-08-06 11:16:56 +02:00
|
|
|
armor
|
2012-12-21 12:19:49 +01:00
|
|
|
|
2012-07-25 17:56:09 +02:00
|
|
|
# Note to self: import-clean = delete signatures from unknown keys || import-minimal = remove all signatures from keys.
|
2012-05-30 16:37:33 +02:00
|
|
|
|
2018-09-18 20:37:28 +02:00
|
|
|
#personal-cipher-preferences AES256,AES192,AES,CAST5,3DES
|
|
|
|
#personal-digest-preferences SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5
|
|
|
|
#personal-compress-preferences BZIP2,ZLIB,ZIP
|
2012-12-21 18:50:44 +01:00
|
|
|
|
|
|
|
# Default preferences
|
2018-09-18 20:37:28 +02:00
|
|
|
#default-preference-list AES256,AES192,AES,CAST5,3DES SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5 BZIP2,ZLIB,ZIP
|
2012-12-21 18:50:44 +01:00
|
|
|
|
|
|
|
# Forcing preferred settings even if it's against OpenPGP standards
|
2018-09-18 20:37:28 +02:00
|
|
|
#cert-digest-algo SHA512
|
|
|
|
#digest-algo SHA512
|
|
|
|
#compress-algo BZIP2
|
2012-12-21 18:50:44 +01:00
|
|
|
|
2018-09-18 20:37:28 +02:00
|
|
|
#no-allow-non-selfsigned-uid
|
|
|
|
#allow-multiple-messages
|
2012-07-11 09:31:11 +02:00
|
|
|
|
2012-12-22 15:43:34 +01:00
|
|
|
# Show the LONG KEYID and fingerprint by default and tell that it's hexadecimal string.
|
2012-07-26 12:17:43 +02:00
|
|
|
keyid-format 0xLONG
|
2012-12-22 15:43:34 +01:00
|
|
|
with-fingerprint
|
2012-07-24 09:32:53 +02:00
|
|
|
|
2012-12-21 18:50:44 +01:00
|
|
|
# Use Eye Of Gnome as default image viewer
|
2018-09-18 20:37:28 +02:00
|
|
|
photo-viewer eom %i
|
2012-12-21 18:50:44 +01:00
|
|
|
|
|
|
|
# The default to use for the check level when signing a key.
|
2013-01-05 20:44:40 +01:00
|
|
|
#default-cert-level 2
|
2012-12-21 18:50:44 +01:00
|
|
|
|
2018-09-18 20:37:28 +02:00
|
|
|
#lock-multiple
|
2012-12-21 18:50:44 +01:00
|
|
|
|
|
|
|
expert
|
2014-05-23 15:21:14 +02:00
|
|
|
#verbose
|
|
|
|
#verbose
|
|
|
|
#verbose
|
2012-12-21 18:50:44 +01:00
|
|
|
|
2019-08-01 13:08:40 +02:00
|
|
|
## Web of Trust is dead
|
|
|
|
# remove unusable signatures, this should allow key verification in cases
|
|
|
|
# like Tails https://tails.boum.org/install/expert/usb/index.en.html
|
|
|
|
import-options import-clean
|
|
|
|
# export the most minimal possible key that only includes the most recent
|
|
|
|
# self-sigs
|
2019-08-01 11:19:44 +02:00
|
|
|
export-options export-minimal
|
2012-12-22 15:43:34 +01:00
|
|
|
|
2013-01-17 15:48:48 +01:00
|
|
|
# Ask everything
|
|
|
|
ask-cert-level
|
|
|
|
ask-cert-expire
|
2012-12-22 15:43:34 +01:00
|
|
|
|
2013-02-26 11:18:20 +01:00
|
|
|
# Copying https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#update-your-gpg-defaults
|
|
|
|
# when outputting certificates, view user IDs distinctly from keys:
|
|
|
|
fixed-list-mode
|
|
|
|
# You should always know at a glance which User IDs gpg thinks are legitimately bound to the keys in your keyring:
|
|
|
|
verify-options show-uid-validity
|
|
|
|
list-options show-uid-validity
|
|
|
|
|
2019-08-01 11:19:44 +02:00
|
|
|
# Disable comments
|
|
|
|
no-comments
|