gpg.conf: Use hkps keyserver

This commit is contained in:
Mika Suomalainen 2013-02-26 11:45:35 +02:00
parent 7f8bd20baf
commit dca55f5ecf
5 changed files with 44 additions and 8 deletions

View File

@ -1,7 +1,8 @@
# Options for GnuPG # Options for GnuPG
# Copyright 1998, 1999, 2000, 2001, 2002, 2003, # Copyright 1998, 1999, 2000, 2001, 2002, 2003,
# 2010 Free Software Foundation, Inc. # 2010 Free Software Foundation, Inc.
# 2012 Mika Suomalainen (Mkaysi) https://raw.github.com/Mkaysi/shell-things/master/gpg.conf # 2012,
# 2013 Mika Suomalainen (Mkaysi) https://raw.github.com/Mkaysi/shell-things/master/gpg.conf
# This file is free software; as a special exception the author gives # This file is free software; as a special exception the author gives
# unlimited permission to copy and/or distribute it, with or without # unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved. # modifications, as long as this notice is preserved.
@ -21,7 +22,10 @@
# See the man page for a list of options. # See the man page for a list of options.
# This is one of the most used keyservers as far as I know. # This is one of the most used keyservers as far as I know.
keyserver pool.sks-keyservers.net keyserver hkps://hkps.pool.sks-keyservers.net
keyserver-options ca-cert-file=~/.gnupg/sks-keyservers.netCA.pem auto-key-retrieve no-include-revoked verbose no-honor-keyserver-url import-clean
# Note to self: import-clean = delete signatures from unknown keys || import-minimal = remove all signatures from keys.
# Try to automatically find keys from keyserver if key for email address isn't found, but we are encrypting to email address. # Try to automatically find keys from keyserver if key for email address isn't found, but we are encrypting to email address.
auto-key-locate keyserver auto-key-locate keyserver
@ -45,9 +49,6 @@ use-agent
# Do everything in ASCII format by default instead of binary # Do everything in ASCII format by default instead of binary
armor armor
keyserver-options auto-key-retrieve no-include-revoked verbose honor-keyserver-url import-clean
# Note to self: import-clean = delete signatures from unknown keys || import-minimal = remove all signatures from keys.
personal-cipher-preferences AES256,AES192,AES,CAST5,3DES personal-cipher-preferences AES256,AES192,AES,CAST5,3DES
personal-digest-preferences SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5 personal-digest-preferences SHA512,SHA384,SHA256,SHA224,RIPEMD160,SHA1,MD5
personal-compress-preferences BZIP2,ZLIB,ZIP personal-compress-preferences BZIP2,ZLIB,ZIP

View File

@ -4,6 +4,7 @@ cat .bash_aliases.MKAYSIGREP > ~/.bash_aliases
cat .zsh_aliases.MKAYSIGREP > ~/.zsh_aliases cat .zsh_aliases.MKAYSIGREP > ~/.zsh_aliases
cat .gitconfig.MKAYSIGREP > ~/.gitconfig cat .gitconfig.MKAYSIGREP > ~/.gitconfig
mkdir -p ~/.gnupg mkdir -p ~/.gnupg
cat sks-keyservers.netCA.pem > ~/.gnupg/sks-keyservers.netCA.pem
cat .gpg.conf.MKAYSIGREP > ~/.gnupg/gpg.conf cat .gpg.conf.MKAYSIGREP > ~/.gnupg/gpg.conf
cat gpg-agent.conf > ~/.gnupg/gpg-agent.conf cat gpg-agent.conf > ~/.gnupg/gpg-agent.conf
cat .pastebinit.xml.MKAYSIGREP > ~/.pastebinit.xml cat .pastebinit.xml.MKAYSIGREP > ~/.pastebinit.xml

View File

@ -1,7 +1,8 @@
# Options for GnuPG # Options for GnuPG
# Copyright 1998, 1999, 2000, 2001, 2002, 2003, # Copyright 1998, 1999, 2000, 2001, 2002, 2003,
# 2010 Free Software Foundation, Inc. # 2010 Free Software Foundation, Inc.
# 2012 Mika Suomalainen (Mkaysi) https://raw.github.com/Mkaysi/shell-things/master/gpg.conf # 2012,
# 2013 Mika Suomalainen (Mkaysi) https://raw.github.com/Mkaysi/shell-things/master/gpg.conf
# This file is free software; as a special exception the author gives # This file is free software; as a special exception the author gives
# unlimited permission to copy and/or distribute it, with or without # unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved. # modifications, as long as this notice is preserved.
@ -21,7 +22,8 @@
# See the man page for a list of options. # See the man page for a list of options.
# This is one of the most used keyservers as far as I know. # This is one of the most used keyservers as far as I know.
keyserver pool.sks-keyservers.net keyserver hkps://hkps.pool.sks-keyservers.net
keyserver-options ca-cert-file=~/.gnupg/sks-keyservers.netCA.pem auto-key-retrieve no-include-revoked verbose no-honor-keyserver-url import-clean
# Try to automatically find keys from keyserver if key for email address isn't found, but we are encrypting to email address. # Try to automatically find keys from keyserver if key for email address isn't found, but we are encrypting to email address.
auto-key-locate keyserver auto-key-locate keyserver
@ -45,7 +47,6 @@ use-agent
# Do everything in ASCII format by default instead of binary # Do everything in ASCII format by default instead of binary
armor armor
keyserver-options auto-key-retrieve no-include-revoked verbose honor-keyserver-url import-clean
# Note to self: import-clean = delete signatures from unknown keys || import-minimal = remove all signatures from keys. # Note to self: import-clean = delete signatures from unknown keys || import-minimal = remove all signatures from keys.
personal-cipher-preferences AES256,AES192,AES,CAST5,3DES personal-cipher-preferences AES256,AES192,AES,CAST5,3DES

View File

@ -8,6 +8,7 @@ cat vimrc > ~/.vimrc
mkdir -p ~/.gnupg mkdir -p ~/.gnupg
cat gpg.conf > ~/.gnupg/gpg.conf cat gpg.conf > ~/.gnupg/gpg.conf
cat gpg-agent.conf > ~/.gnupg/gpg-agent.conf cat gpg-agent.conf > ~/.gnupg/gpg-agent.conf
cat sks-keyservers.netCA.pem > ~/.gnupg/sks-keyservers.netCA.pem
cat xsessionrc > ~/.xsessionrc cat xsessionrc > ~/.xsessionrc
cat xinitrc > ~/.xinitrc cat xinitrc > ~/.xinitrc
cat pastebinit.xml > ~/.pastebinit.xml cat pastebinit.xml > ~/.pastebinit.xml

32
sks-keyservers.netCA.pem Normal file
View File

@ -0,0 +1,32 @@
-----BEGIN CERTIFICATE-----
MIIFizCCA3OgAwIBAgIJAK9zyLTPn4CPMA0GCSqGSIb3DQEBBQUAMFwxCzAJBgNV
BAYTAk5PMQ0wCwYDVQQIDARPc2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5u
ZXQgQ0ExHjAcBgNVBAMMFXNrcy1rZXlzZXJ2ZXJzLm5ldCBDQTAeFw0xMjEwMDkw
MDMzMzdaFw0yMjEwMDcwMDMzMzdaMFwxCzAJBgNVBAYTAk5PMQ0wCwYDVQQIDARP
c2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5uZXQgQ0ExHjAcBgNVBAMMFXNr
cy1rZXlzZXJ2ZXJzLm5ldCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
ggIBANdsWy4PXWNUCkS3L//nrd0GqN3dVwoBGZ6w94Tw2jPDPifegwxQozFXkG6I
6A4TK1CJLXPvfz0UP0aBYyPmTNadDinaB9T4jIwd4rnxl+59GiEmqkN3IfPsv5Jj
MkKUmJnvOT0DEVlEaO1UZIwx5WpfprB3mR81/qm4XkAgmYrmgnLXd/pJDAMk7y1F
45b5zWofiD5l677lplcIPRbFhpJ6kDTODXh/XEdtF71EAeaOdEGOvyGDmCO0GWqS
FDkMMPTlieLA/0rgFTcz4xwUYj/cD5e0ZBuSkYsYFAU3hd1cGfBue0cPZaQH2HYx
Qk4zXD8S3F4690fRhr+tki5gyG6JDR67aKp3BIGLqm7f45WkX1hYp+YXywmEziM4
aSbGYhx8hoFGfq9UcfPEvp2aoc8u5sdqjDslhyUzM1v3m3ZGbhwEOnVjljY6JJLx
MxagxnZZSAY424ZZ3t71E/Mn27dm2w+xFRuoy8JEjv1d+BT3eChM5KaNwrj0IO/y
u8kFIgWYA1vZ/15qMT+tyJTfyrNVV/7Df7TNeWyNqjJ5rBmt0M6NpHG7CrUSkBy9
p8JhimgjP5r0FlEkgg+lyD+V79H98gQfVgP3pbJICz0SpBQf2F/2tyS4rLm+49rP
fcOajiXEuyhpcmzgusAj/1FjrtlynH1r9mnNaX4e+rLWzvU5AgMBAAGjUDBOMB0G
A1UdDgQWBBTkwyoJFGfYTVISTpM8E+igjdq28zAfBgNVHSMEGDAWgBTkwyoJFGfY
TVISTpM8E+igjdq28zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQAR
OXnYwu3g1ZjHyley3fZI5aLPsaE17cOImVTehC8DcIphm2HOMR/hYTTL+V0G4P+u
gH+6xeRLKSHMHZTtSBIa6GDL03434y9CBuwGvAFCMU2GV8w92/Z7apkAhdLToZA/
X/iWP2jeaVJhxgEcH8uPrnSlqoPBcKC9PrgUzQYfSZJkLmB+3jEa3HKruy1abJP5
gAdQvwvcPpvYRnIzUc9fZODsVmlHVFBCl2dlu/iHh2h4GmL4Da2rRkUMlbVTdioB
UYIvMycdOkpH5wJftzw7cpjsudGas0PARDXCFfGyKhwBRFY7Xp7lbjtU5Rz0Gc04
lPrhDf0pFE98Aw4jJRpFeWMjpXUEaG1cq7D641RpgcMfPFvOHY47rvDTS7XJOaUT
BwRjmDt896s6vMDcaG/uXJbQjuzmmx3W2Idyh3s5SI0GTHb0IwMKYb4eBUIpQOnB
cE77VnCYqKvN1NVYAqhWjXbY7XasZvszCRcOG+W3FqNaHOK/n/0ueb0uijdLan+U
f4p1bjbAox8eAOQS/8a3bzkJzdyBNUKGx1BIK2IBL9bn/HravSDOiNRSnZ/R3l9G
ZauX0tu7IIDlRCILXSyeazu0aj/vdT3YFQXPcvt5Fkf5wiNTo53f72/jYEJd6qph
WrpoKqrwGwTpRUCMhYIUt65hsTxCiJJ5nKe39h46sg==
-----END CERTIFICATE-----