gpg.conf: I Read The Fine Manual and learned many things...
This commit is contained in:
Mika Suomalainen
parent
1c26464890
commit
26a4d2890a
|
|
@ -23,6 +23,9 @@
|
|||
# This is one of the most used keyservers as far as I know.
|
||||
keyserver pool.sks-keyservers.net
|
||||
|
||||
# Try to automatically find keys from keyserver if key for email address isn't found, but we are encrypting to email address.
|
||||
auto-key-locate keyserver
|
||||
|
||||
# Use my key by default
|
||||
default-key 0x4DB53CFE82A46728 # MKAYSIGREP # MKAYSIGREPGPG
|
||||
|
||||
|
|
@ -34,6 +37,7 @@ encrypt-to 0x4DB53CFE82A46728 # MKAYSIGREP MKAYSIGREPGPG
|
|||
|
||||
# Use UTF-8 charset
|
||||
charset UTF-8
|
||||
display-charset utf-8
|
||||
|
||||
# use GPG Agent to avoid retyping passphrase very ofoten.
|
||||
use-agent
|
||||
|
|
@ -41,22 +45,47 @@ use-agent
|
|||
# Do everything in ASCII format by default instead of binary
|
||||
armor
|
||||
|
||||
keyserver-options auto-key-retrieve no-include-revoked verbose #import-clean
|
||||
keyserver-options auto-key-retrieve no-include-revoked verbose honor-keyserver-url #import-clean
|
||||
# Note to self: import-clean = delete signatures from unknown keys || import-minimal = remove all signatures from keys.
|
||||
|
||||
# Use other SHAs than SHA1 if possible. I think that everyone who I use GPG with use enough up-to-date version to support other SHAs than SHA1.
|
||||
personal-cipher-preferences AES256,AES192,AES,CAST5,3DES
|
||||
personal-digest-preferences SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5
|
||||
personal-compress-preferences BZIP2,ZLIB,ZIP
|
||||
|
||||
# Default preferences
|
||||
default-preference-list AES256,AES192,AES,CAST5,3DES SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5 BZIP2,ZLIB,ZIP
|
||||
default-keyserver-url hkp://pool.sks-keyservers.net
|
||||
|
||||
# Forcing preferred settings even if it's against OpenPGP standards
|
||||
#digest-algo SHA512
|
||||
#compress-algo BZIP2
|
||||
|
||||
no-allow-non-selfsigned-uid
|
||||
no-ask-sig-expire
|
||||
default-sig-expire 0
|
||||
|
||||
allow-multiple-messages
|
||||
|
||||
# Show the LONG KEYID by default and tell that it's hexadecimal string.
|
||||
keyid-format 0xLONG
|
||||
|
||||
# Use Eye Of Gnome as default image viewer
|
||||
photo-viewer eog %i
|
||||
|
||||
# The default to use for the check level when signing a key.
|
||||
default-cert-level 2
|
||||
|
||||
lock-multiple
|
||||
|
||||
expert
|
||||
|
||||
# Add comments to things signed/encrypted by gpg
|
||||
comment Homepage: http://mkaysi.github.com/
|
||||
comment Public key: http://mkaysi.github.com/PGP/0x82A46728.txt
|
||||
comment Public key: http://mkaysi.github.com/PGP/0x82A46728.txt
|
||||
comment gpg --fetch-keys http://mkaysi.github.com/PGP/0x82A46728.txt
|
||||
comment Fingerprint = 24BC 1573 B8EE D666 D10A AA65 4DB5 3CFE 82A4 6728
|
||||
comment I have personal problem with PGP/MIME...
|
||||
comment ...so signature *IS* long. See http://git.io/6FLzWg
|
||||
comment I have personal problem with PGP/MIME...
|
||||
comment ...so signature *IS* long. See http://git.io/6FLzWg
|
||||
comment Please remove PGP lines in replies. http://git.io/nvHrDg
|
||||
comment Charset of this message should be UTF-8.
|
||||
|
||||
|
|
|
|||
33
gpg.conf
33
gpg.conf
|
|
@ -23,6 +23,9 @@
|
|||
# This is one of the most used keyservers as far as I know.
|
||||
keyserver pool.sks-keyservers.net
|
||||
|
||||
# Try to automatically find keys from keyserver if key for email address isn't found, but we are encrypting to email address.
|
||||
auto-key-locate keyserver
|
||||
|
||||
# Use my key by default
|
||||
#default-key 0x4DB53CFE82A46728 # MKAYSIGREP # MKAYSIGREPGPG
|
||||
|
||||
|
|
@ -34,6 +37,7 @@ default-recipient-self
|
|||
|
||||
# Use UTF-8 charset
|
||||
charset UTF-8
|
||||
display-charset utf-8
|
||||
|
||||
# use GPG Agent to avoid retyping passphrase very ofoten.
|
||||
use-agent
|
||||
|
|
@ -41,15 +45,40 @@ use-agent
|
|||
# Do everything in ASCII format by default instead of binary
|
||||
armor
|
||||
|
||||
keyserver-options auto-key-retrieve no-include-revoked verbose #import-clean
|
||||
keyserver-options auto-key-retrieve no-include-revoked verbose honor-keyserver-url #import-clean
|
||||
# Note to self: import-clean = delete signatures from unknown keys || import-minimal = remove all signatures from keys.
|
||||
|
||||
# Use other SHAs than SHA1 if possible. I think that everyone who I use GPG with use enough up-to-date version to support other SHAs than SHA1.
|
||||
personal-cipher-preferences AES256,AES192,AES,CAST5,3DES
|
||||
personal-digest-preferences SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5
|
||||
personal-compress-preferences BZIP2,ZLIB,ZIP
|
||||
|
||||
# Default preferences
|
||||
default-preference-list AES256,AES192,AES,CAST5,3DES SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5 BZIP2,ZLIB,ZIP
|
||||
default-keyserver-url hkp://pool.sks-keyservers.net
|
||||
|
||||
# Forcing preferred settings even if it's against OpenPGP standards
|
||||
#digest-algo SHA512
|
||||
#compress-algo BZIP2
|
||||
|
||||
no-allow-non-selfsigned-uid
|
||||
no-ask-sig-expire
|
||||
default-sig-expire 0
|
||||
|
||||
allow-multiple-messages
|
||||
|
||||
# Show the LONG KEYID by default and tell that it's hexadecimal string.
|
||||
keyid-format 0xLONG
|
||||
|
||||
# Use Eye Of Gnome as default image viewer
|
||||
photo-viewer eog %i
|
||||
|
||||
# The default to use for the check level when signing a key.
|
||||
default-cert-level 2
|
||||
|
||||
lock-multiple
|
||||
|
||||
expert
|
||||
|
||||
# Add comments to things signed/encrypted by gpg
|
||||
#comment Homepage: http://mkaysi.github.com/ # MKAYSIGREP MKAYSIGREPGPG
|
||||
#comment Public key: http://mkaysi.github.com/PGP/0x82A46728.txt # MKAYSIGREP MKAYSIGREPGPG
|
||||
|
|
|
|||
Loading…
Reference in New Issue