99299798cc
gpg.conf: add the sender option
2020-02-26 15:02:27 +02:00
ec9206ce5d
gpg.conf: fix local-user/encrypt-to
...
Resolves : #61
2020-02-26 14:53:52 +02:00
e2864daf2a
update PrivacyTools groupline (Jonah's key)
2020-02-26 14:48:03 +02:00
8b8a92c7bc
0x99392F62BAE30723.asc: update with subkey
2020-02-18 17:02:00 +02:00
30bf67be46
gpg.conf: with-keygrip
2020-02-18 01:55:29 +02:00
79fce8ec02
keys/ssh: replace WTOP with gpg
2020-02-18 01:25:24 +02:00
1d2cb235d2
begin cleaning up bash/zshrcs
2020-02-13 14:14:33 +02:00
66e56453ad
.mikaela: throw .signature to git as signature
2020-02-11 14:48:54 +02:00
eb748c60fc
gpg: add show-keyring,show-sig-expire to list-options
...
Resolves : #52
2020-02-10 23:29:31 +02:00
968db01ee0
.mikaela/gpg.conf: add group support@privacytools.io
2020-01-31 11:00:57 +02:00
3e9dd19232
gpg.conf: disable TOFU's positive trust
...
As I have the pgp-alt-wot repository and am building my own Web of
Trust and lsign, I have no reason to have positive trust values.
2020-01-30 20:23:16 +02:00
4b09dd466e
gpg.conf: restore encrypt-to lines
2019-12-11 12:46:33 +02:00
7658e354ba
gpg.conf: enable dane key locating
2019-12-11 12:46:33 +02:00
024284af0d
gitconfig: force gpg2 + sign annotated tags
2019-12-11 12:46:32 +02:00
Mikaela Suomalainen
4be60dbd19
gpg.conf: keyserver-option no-self-sigs-only
...
Fixes `gpg --fetch-keys` for my workflow plan of attempting to fetch my
signatures on keys I trust from somewhat trustworthy place.
2019-12-10 13:56:55 +02:00
ca1bebb094
gpg.conf: trusted-key, cert levels, cert expiry
2019-12-07 19:02:23 +02:00
0e0ce5216f
gpg.conf: use local-user instead of default-key
2019-12-07 00:18:29 +02:00
fd93def2f3
gpg.conf: enable TOFU
2019-12-06 23:23:36 +02:00
9026e8035d
gpg.conf: add wkd hashes
...
as I seem to use them increasingly often
2019-12-06 20:55:58 +02:00
a79c183f86
gpg.conf: no keyserver options, document confusion
2019-12-06 20:22:32 +02:00
77344b444e
gpg.conf: note keyserver-options reason + remove old comment
2019-12-06 19:44:49 +02:00
fc4a1c55bf
gpg.conf: put the default key on top
2019-12-06 19:41:24 +02:00
d4885fbf6c
gpg.conf: heavy cleanup
2019-12-06 19:40:00 +02:00
9721197067
gpg: add auto-key-retrieve
2019-12-05 14:51:13 +02:00
0e0cf2f458
gpg.conf: adjust keyserver-options & auto-key-locate
2019-12-03 00:48:35 +02:00
78d5d9a33a
gpg.conf: export-minimal -> export-clean
...
Partially reverts 0130d0b512
&
4c088c29ea
It appears that some sort of WoT is still necessary for me and it may
not be as dead as I declared it four months ago.
2019-12-02 21:18:59 +02:00
efd25e8390
0x99392F62BAE30723.asc: add two uids
2019-12-01 20:55:18 +02:00
2d1c3c2f9f
.mikaela/keys: update PGP keys
2019-11-24 10:56:12 +02:00
3560b625cb
update gitconfig to include the new key
2019-11-23 23:30:06 +02:00
36038cddee
gpg: move to 0x99392F62BAE30723
2019-11-23 23:19:53 +02:00
Mikaela Suomalainen
16f5e3b200
Add my work try-out-practice GPG key
2019-11-20 11:15:39 +02:00
32f4ba3c58
ssh keys: add work try-out-practice key
...
This key will be on my work try-out-practice device and is going to be
deprecated after it's over.
2019-11-07 21:45:05 +02:00
b71c9c8e18
ssh: deprecate Nokia 1 key
...
I have no idea what the password is.
2019-11-07 21:44:19 +02:00
cf5b532dc0
ssh keys: deprecate the RSA key
...
I hope it won't be needed anywhere anymore as I have been using the
other one for ages. I am making this as an separate commit for easy
reverting in case I am wrong.
2019-11-07 21:43:28 +02:00
f0a768ad19
gpg.conf: add no-emit-version
...
Closes : #20
2019-08-26 20:35:43 +03:00
4c088c29ea
gpg.conf: import-clean for cases like Tails
...
Context: https://tails.boum.org/install/expert/usb/index.en.html
2019-08-01 14:08:40 +03:00
0130d0b512
gpg.conf: declare WoT dead & no-comments
...
* export-clean & import-clean are now done
* my gpg won't output the comments anymore
Resolves : #125
2019-08-01 12:21:00 +03:00
fa0478d82b
update the PGP key
...
ref: #119
2019-07-01 11:57:58 +03:00
a7b1880469
gpg: use keys.openpgp.org
...
Closes #119
2019-07-01 11:47:27 +03:00
95bcf095df
VerifyHostKeyByDNS is supposed to be yes
...
fix previous commit, I imagine I changed it by accident.
2019-05-11 00:58:00 +03:00
e634ee8863
ssh_config: update comment for VerifyHostKeyDNS
...
OpenSSH is evil and gives you three not-optimal options to this:
A) trust DNSSEC and don't write known_hosts
B) ask whether to trust DNS, but don't bother telling me if it's signed
C) don't even check SSHFP
I see A) as the least evil, but I wish known_hosts was written.
Alternatively B) should tell me whether there is DNSSEC or not, not
only "matching keys found from DNS" or whatever it says always.
2019-05-09 18:44:36 +03:00
4061d3daa2
.mikaela/keys/ssh: add Nokia1 key
...
goal: not have it on any other device and use it for emergency access on
my most used hosts.
2018-12-16 23:42:36 +02:00
492cac7158
Revert "ssh_config: controlpersist auto instead of on"
...
This reverts commit 330e8a80ad
.
I got complaining about bad value
2018-10-11 13:45:31 +03:00
330e8a80ad
ssh_config: controlpersist auto instead of on
...
just in case that would be used for tracking and hoping that SSH is
clever enough.
2018-10-07 21:12:08 +03:00
b8bda9cf49
ssh_config: use more private ControlPath
2018-10-07 20:54:41 +03:00
cc39aa3a2e
gpg.conf: comment things I don't understand etc.
...
keyserver is not needed with GPGv2, I have no idea what some of those
options do and thus have suspect that they make my GPG more insecure and
I have used MATE for years and don't have eog available.
2018-09-18 21:37:28 +03:00
faed9737c0
ssh config: forwarding for Glowing Bear
2017-03-08 21:02:11 +02:00
954a3b7b93
update config
2017-01-12 12:42:37 +02:00
9c219aa7b3
gitconfig: add new options
...
closes #88
2016-06-20 19:00:04 +03:00
d123b88b84
gitconfig: more on signing
2016-04-10 11:54:19 +03:00