aboutsummaryrefslogtreecommitdiff
path: root/gnupg/gpg.conf.mi5
blob: 97726d20e92aa9b1cc37659e861d5443dab1cfe0 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# Retrieve certs automatically if possible
auto-key-locate cert pka

# Use SHA512 as the hash when making key signatures
cert-digest-algo SHA512

# Specify the hash algorithms to be used for new keys as available
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed

# In the absence of any other recipient, encrypt messages for myself
default-recipient-self

# Show complete dates and use proper column separation for --with-colon listing
# mode
fixed-list-mode

# Use only fingerprints as key IDs
keyid-format <% KEYID_FORMAT %>

# Use a pool of servers which support HKPS (encrypted key retrieval)
keyserver <% KEYSERVER %>

# Retrieve keys automatically; check the keyserver port cert; use whichever
# server is proffered from the pool
keyserver-options auto-key-retrieve no-honor-keyserver-url

# Include trust/validity for UIDs in listings
list-options show-uid-validity

# Suppress the copyright message
no-greeting

# Use SHA512 as my message digest, overriding GnuPG's efforts to use the lowest
# common denominator in hashing algorithms
personal-digest-preferences SHA512

# Suppress a lot of output; sometimes I add --verbose to undo this
quiet

# Use the GPG agent for key management and decryption
use-agent

# Include trust/validity for UIDs when verifying signatures
verify-options pka-lookups show-uid-validity

# Assume "yes" is the answer to most questions, that is, don't keep asking me
# to confirm something I've asked to be done
yes