aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTom Ryder <tom@sanctum.geek.nz>2019-07-13 16:43:10 +1200
committerTom Ryder <tom@sanctum.geek.nz>2019-07-13 16:43:10 +1200
commit002551cfee260dfb6e2cfd7fd7a0c4d286c3b733 (patch)
tree3d83017fd790356c3564cb1f15ef23ec35a89db9
parentName my i3 workspaces (diff)
downloaddotfiles-002551cfee260dfb6e2cfd7fd7a0c4d286c3b733.tar.gz
dotfiles-002551cfee260dfb6e2cfd7fd7a0c4d286c3b733.zip
Reduce GnuPG config considerably
Pretty sure I just got hit by this: <https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f>
-rw-r--r--.gitignore2
-rw-r--r--Makefile15
-rw-r--r--gnupg/gpg.conf5
-rw-r--r--gnupg/gpg.conf.mi548
4 files changed, 7 insertions, 63 deletions
diff --git a/.gitignore b/.gitignore
index 825395b3..9e71ad86 100644
--- a/.gitignore
+++ b/.gitignore
@@ -174,7 +174,5 @@
/git/template/hooks/pre-commit
/git/template/hooks/prepare-commit-msg
/git/template/hooks/post-update
-/gnupg/gpg.conf
-/gnupg/gpg.conf.m4
/include/mktd.m4
/urxvt/ext/select
diff --git a/Makefile b/Makefile
index d9ca626c..e6fd8d70 100644
--- a/Makefile
+++ b/Makefile
@@ -269,7 +269,7 @@ GIT_TEMPLATE_HOOKS = git/template/hooks/post-update \
git/template/hooks/pre-commit \
git/template/hooks/prepare-commit-msg
-all: $(BINS) git/gitconfig $(GIT_TEMPLATE_HOOKS) gnupg/gpg.conf
+all: $(BINS) git/gitconfig $(GIT_TEMPLATE_HOOKS)
clean distclean:
rm -f -- \
@@ -282,8 +282,6 @@ clean distclean:
dillo/dillorc.m4 \
git/gitconfig \
git/gitconfig.m4 \
- gnupg/gpg.conf \
- gnupg/gpg.conf.m4 \
include/mktd.m4 \
urxvt/ext/select \
vim/dist/*
@@ -338,15 +336,6 @@ git/gitconfig: git/gitconfig.m4
-D SENDMAIL=$(SENDMAIL) \
git/gitconfig.m4 > $@
-KEYSERVER = hkps://hkps.pool.sks-keyservers.net
-KEYID_FORMAT = none
-
-gnupg/gpg.conf: gnupg/gpg.conf.m4
- m4 \
- -D KEYSERVER=$(KEYSERVER) \
- -D KEYID_FORMAT=$(KEYID_FORMAT) \
- gnupg/gpg.conf.m4 > $@
-
MAILDIR = $(HOME)/Mail
install: install-bin \
@@ -433,7 +422,7 @@ install-git: git/gitconfig $(GIT_TEMPLATE_HOOKS)
$(HOME)/.git-template"$${1#git/template}"' \
_ {} \;
-install-gnupg: gnupg/gpg.conf
+install-gnupg:
mkdir -m 0700 -p -- $(HOME)/.gnupg
cp -p -- gnupg/*.conf $(HOME)/.gnupg
diff --git a/gnupg/gpg.conf b/gnupg/gpg.conf
new file mode 100644
index 00000000..1ef5e858
--- /dev/null
+++ b/gnupg/gpg.conf
@@ -0,0 +1,5 @@
+# Suppress the copyright message
+no-greeting
+
+# Use the GPG agent for key management and decryption
+use-agent
diff --git a/gnupg/gpg.conf.mi5 b/gnupg/gpg.conf.mi5
deleted file mode 100644
index 97726d20..00000000
--- a/gnupg/gpg.conf.mi5
+++ /dev/null
@@ -1,48 +0,0 @@
-# Retrieve certs automatically if possible
-auto-key-locate cert pka
-
-# Use SHA512 as the hash when making key signatures
-cert-digest-algo SHA512
-
-# Specify the hash algorithms to be used for new keys as available
-default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
-
-# In the absence of any other recipient, encrypt messages for myself
-default-recipient-self
-
-# Show complete dates and use proper column separation for --with-colon listing
-# mode
-fixed-list-mode
-
-# Use only fingerprints as key IDs
-keyid-format <% KEYID_FORMAT %>
-
-# Use a pool of servers which support HKPS (encrypted key retrieval)
-keyserver <% KEYSERVER %>
-
-# Retrieve keys automatically; check the keyserver port cert; use whichever
-# server is proffered from the pool
-keyserver-options auto-key-retrieve no-honor-keyserver-url
-
-# Include trust/validity for UIDs in listings
-list-options show-uid-validity
-
-# Suppress the copyright message
-no-greeting
-
-# Use SHA512 as my message digest, overriding GnuPG's efforts to use the lowest
-# common denominator in hashing algorithms
-personal-digest-preferences SHA512
-
-# Suppress a lot of output; sometimes I add --verbose to undo this
-quiet
-
-# Use the GPG agent for key management and decryption
-use-agent
-
-# Include trust/validity for UIDs when verifying signatures
-verify-options pka-lookups show-uid-validity
-
-# Assume "yes" is the answer to most questions, that is, don't keep asking me
-# to confirm something I've asked to be done
-yes