gpg.conf: heavy cleanup

This commit is contained in:
Aminda Suomalainen 2019-12-06 19:40:00 +02:00
parent 3c2e08f7d0
commit d4885fbf6c
Signed by: Mikaela
GPG Key ID: 99392F62BAE30723
2 changed files with 7 additions and 84 deletions

View File

@ -20,9 +20,7 @@
#
# See the man page for a list of options.
#keyserver-options auto-key-retrieve no-include-revoked
#import-clean
# Ignore preferred keyserver, clean up imports (as import/export options)
# Ignore preferred keyserver, remove signatures from keys not in keyring
keyserver-options no-honor-keyserver-url import-clean
# Try to automatically find keys from local/wkd if key for email address isn't found, but we are encrypting to email address.
@ -34,14 +32,11 @@ default-key 0x99392F62BAE30723
# WTOP
#default-key 0xDC189FE6FA9BD685
# Encrypt to sender's key by default
default-recipient-self
# Always encrypt to my key
encrypt-to 0x99392F62BAE30723
# WTOP
#default-key 0xDC189FE6FA9BD685
# I don't think there is point in "encrypt-to 0xOWNKEYID, because there
# is the default-recipient-self above.
# Use UTF-8 charset
charset UTF-8
@ -55,44 +50,10 @@ armor
# Note to self: import-clean = delete signatures from unknown keys || import-minimal = remove all signatures from keys.
#personal-cipher-preferences AES256,AES192,AES,CAST5,3DES
#personal-digest-preferences SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5
#personal-compress-preferences BZIP2,ZLIB,ZIP
# Default preferences
#default-preference-list AES256,AES192,AES,CAST5,3DES SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5 BZIP2,ZLIB,ZIP
# Forcing preferred settings even if it's against OpenPGP standards
#cert-digest-algo SHA512
#digest-algo SHA512
#compress-algo BZIP2
#no-allow-non-selfsigned-uid
#allow-multiple-messages
# Show the LONG KEYID and fingerprint by default and tell that it's hexadecimal string.
keyid-format 0xLONG
with-fingerprint
# Use Eye Of Gnome as default image viewer
photo-viewer eom %i
# The default to use for the check level when signing a key.
#default-cert-level 2
#lock-multiple
expert
#verbose
#verbose
#verbose
## Web of Trust is dead
# remove unusable signatures, this should allow key verification in cases
# like Tails https://tails.boum.org/install/expert/usb/index.en.html
import-options import-clean
export-options export-clean
# Ask everything
ask-cert-level
ask-cert-expire

View File

@ -20,9 +20,7 @@
#
# See the man page for a list of options.
#keyserver-options auto-key-retrieve no-include-revoked
#import-clean
# Ignore preferred keyserver, clean up imports (as import/export options)
# Ignore preferred keyserver, remove signatures from keys not in keyring
keyserver-options no-honor-keyserver-url import-clean
# Try to automatically find keys from local/wkd if key for email address isn't found, but we are encrypting to email address.
@ -37,10 +35,8 @@ auto-key-locate local,wkd
# Encrypt to sender's key by default
default-recipient-self
# Always encrypt to my key
#encrypt-to 0x99392F62BAE30723 # MIKAELA_GREP MIKAELA_GREP_GPG
# WTOP
#encrypt-to 0xDC189FE6FA9BD685 # MIKAELA_GREP # MIKAELA_GREP_GPG
# I don't think there is point in "encrypt-to 0xOWNKEYID, because there
# is the default-recipient-self above.
# Use UTF-8 charset
charset UTF-8
@ -54,44 +50,10 @@ armor
# Note to self: import-clean = delete signatures from unknown keys || import-minimal = remove all signatures from keys.
#personal-cipher-preferences AES256,AES192,AES,CAST5,3DES
#personal-digest-preferences SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5
#personal-compress-preferences BZIP2,ZLIB,ZIP
# Default preferences
#default-preference-list AES256,AES192,AES,CAST5,3DES SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5 BZIP2,ZLIB,ZIP
# Forcing preferred settings even if it's against OpenPGP standards
#cert-digest-algo SHA512
#digest-algo SHA512
#compress-algo BZIP2
#no-allow-non-selfsigned-uid
#allow-multiple-messages
# Show the LONG KEYID and fingerprint by default and tell that it's hexadecimal string.
keyid-format 0xLONG
with-fingerprint
# Use Eye Of Gnome as default image viewer
photo-viewer eom %i
# The default to use for the check level when signing a key.
#default-cert-level 2
#lock-multiple
expert
#verbose
#verbose
#verbose
## Web of Trust is dead
# remove unusable signatures, this should allow key verification in cases
# like Tails https://tails.boum.org/install/expert/usb/index.en.html
import-options import-clean
export-options export-clean
# Ask everything
ask-cert-level
ask-cert-expire