From 6af478dd526d9ec1edbc3fd4d4f9a68d67acf13a Mon Sep 17 00:00:00 2001 From: Tom Ryder Date: Mon, 4 Nov 2013 17:33:22 +1300 Subject: Add commentary to the cryptic GnuPG conf file --- gnupg/gpg.conf | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) (limited to 'gnupg') diff --git a/gnupg/gpg.conf b/gnupg/gpg.conf index 2173f954..aa63f256 100644 --- a/gnupg/gpg.conf +++ b/gnupg/gpg.conf @@ -1,16 +1,50 @@ +# Prevent boilerplate about needing key decryption, which is handled by the +# agent; occasionally this needs to be overriden with --no-batch. I like my +# programs to be as quiet as possible unless I specifically ask them otherwise batch + +# Use SHA512 as the hash when making key signatures cert-digest-algo SHA512 + +# Specify the hash algorithms to be used for new keys as available default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed + +# In the absence of any other recipient, encrypt messages for myself default-recipient-self + +# Show complete dates and use proper column separation for --with-colon listing mode fixed-list-mode + +# Use 16-character key IDs as the default 8-character key IDs can be forged keyid-format 0xlong + +# Use a pool of servers which support HKPS (encrypted key retrieval) keyserver hkps://hkps.pool.sks-keyservers.net + +# Retrieve keys automatically; check the keyserver port cert; use whichever +# server is proffered from the pool keyserver-options auto-key-retrieve check-cert no-honor-keyserver-url + +# Include trust/validity for UIDs in listings list-options show-uid-validity + +# Suppress the copyright message no-greeting + +# Use SHA512 as my message digest, overriding GnuPG's efforts to use the lowest +# common denominator in hashing algorithms personal-digest-preferences SHA512 + +# Suppress a lot of output; sometimes I add --verbose to undo this quiet + +# Use the GPG agent for key management and decryption use-agent + +# Include trust/validity for UIDs when verifying signatures verify-options show-uid-validity + +# Assume "yes" is the answer to most questions, that is, don't keep asking me +# to confirm something I've asked to be done yes -- cgit v1.2.3