diff options
author | Tom Ryder <tom@sanctum.geek.nz> | 2013-11-04 17:33:22 +1300 |
---|---|---|
committer | Tom Ryder <tom@sanctum.geek.nz> | 2013-11-04 17:33:22 +1300 |
commit | 6af478dd526d9ec1edbc3fd4d4f9a68d67acf13a (patch) | |
tree | 95b2bc4ba4acee52d9af10501f0b20f9e284ef4d /gnupg | |
parent | Bash 2.0 compatible syntax; type -P is new (diff) | |
download | dotfiles-6af478dd526d9ec1edbc3fd4d4f9a68d67acf13a.tar.gz dotfiles-6af478dd526d9ec1edbc3fd4d4f9a68d67acf13a.zip |
Add commentary to the cryptic GnuPG conf file
Diffstat (limited to 'gnupg')
-rw-r--r-- | gnupg/gpg.conf | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/gnupg/gpg.conf b/gnupg/gpg.conf index 2173f954..aa63f256 100644 --- a/gnupg/gpg.conf +++ b/gnupg/gpg.conf @@ -1,16 +1,50 @@ +# Prevent boilerplate about needing key decryption, which is handled by the +# agent; occasionally this needs to be overriden with --no-batch. I like my +# programs to be as quiet as possible unless I specifically ask them otherwise batch + +# Use SHA512 as the hash when making key signatures cert-digest-algo SHA512 + +# Specify the hash algorithms to be used for new keys as available default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed + +# In the absence of any other recipient, encrypt messages for myself default-recipient-self + +# Show complete dates and use proper column separation for --with-colon listing mode fixed-list-mode + +# Use 16-character key IDs as the default 8-character key IDs can be forged keyid-format 0xlong + +# Use a pool of servers which support HKPS (encrypted key retrieval) keyserver hkps://hkps.pool.sks-keyservers.net + +# Retrieve keys automatically; check the keyserver port cert; use whichever +# server is proffered from the pool keyserver-options auto-key-retrieve check-cert no-honor-keyserver-url + +# Include trust/validity for UIDs in listings list-options show-uid-validity + +# Suppress the copyright message no-greeting + +# Use SHA512 as my message digest, overriding GnuPG's efforts to use the lowest +# common denominator in hashing algorithms personal-digest-preferences SHA512 + +# Suppress a lot of output; sometimes I add --verbose to undo this quiet + +# Use the GPG agent for key management and decryption use-agent + +# Include trust/validity for UIDs when verifying signatures verify-options show-uid-validity + +# Assume "yes" is the answer to most questions, that is, don't keep asking me +# to confirm something I've asked to be done yes |