Mercurial > hg > cc > cirrus_home
comparison .gnupg/gpg.conf @ 63:d39fd9c7f1be
misc
| author | Henry S. Thompson <ht@inf.ed.ac.uk> |
|---|---|
| date | Fri, 24 Apr 2020 19:55:11 +0100 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| 62:346298ac3ab9 | 63:d39fd9c7f1be |
|---|---|
| 1 # Options for GnuPG | |
| 2 # Copyright 1998, 1999, 2000, 2001, 2002, 2003, | |
| 3 # 2010 Free Software Foundation, Inc. | |
| 4 # | |
| 5 # This file is free software; as a special exception the author gives | |
| 6 # unlimited permission to copy and/or distribute it, with or without | |
| 7 # modifications, as long as this notice is preserved. | |
| 8 # | |
| 9 # This file is distributed in the hope that it will be useful, but | |
| 10 # WITHOUT ANY WARRANTY, to the extent permitted by law; without even the | |
| 11 # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | |
| 12 # | |
| 13 # Unless you specify which option file to use (with the command line | |
| 14 # option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf | |
| 15 # by default. | |
| 16 # | |
| 17 # An options file can contain any long options which are available in | |
| 18 # GnuPG. If the first non white space character of a line is a '#', | |
| 19 # this line is ignored. Empty lines are also ignored. | |
| 20 # | |
| 21 # See the man page for a list of options. | |
| 22 | |
| 23 # Uncomment the following option to get rid of the copyright notice | |
| 24 | |
| 25 #no-greeting | |
| 26 | |
| 27 # If you have more than 1 secret key in your keyring, you may want to | |
| 28 # uncomment the following option and set your preferred keyid. | |
| 29 | |
| 30 #default-key 621CC013 | |
| 31 | |
| 32 # If you do not pass a recipient to gpg, it will ask for one. Using | |
| 33 # this option you can encrypt to a default key. Key validation will | |
| 34 # not be done in this case. The second form uses the default key as | |
| 35 # default recipient. | |
| 36 | |
| 37 #default-recipient some-user-id | |
| 38 #default-recipient-self | |
| 39 | |
| 40 # By default GnuPG creates version 4 signatures for data files as | |
| 41 # specified by OpenPGP. Some earlier (PGP 6, PGP 7) versions of PGP | |
| 42 # require the older version 3 signatures. Setting this option forces | |
| 43 # GnuPG to create version 3 signatures. | |
| 44 | |
| 45 #force-v3-sigs | |
| 46 | |
| 47 # Because some mailers change lines starting with "From " to ">From " | |
| 48 # it is good to handle such lines in a special way when creating | |
| 49 # cleartext signatures; all other PGP versions do it this way too. | |
| 50 # To enable full OpenPGP compliance you may want to use this option. | |
| 51 | |
| 52 #no-escape-from-lines | |
| 53 | |
| 54 # When verifying a signature made from a subkey, ensure that the cross | |
| 55 # certification "back signature" on the subkey is present and valid. | |
| 56 # This protects against a subtle attack against subkeys that can sign. | |
| 57 # Defaults to --no-require-cross-certification. However for new | |
| 58 # installations it should be enabled. | |
| 59 | |
| 60 require-cross-certification | |
| 61 | |
| 62 | |
| 63 # If you do not use the Latin-1 (ISO-8859-1) charset, you should tell | |
| 64 # GnuPG which is the native character set. Please check the man page | |
| 65 # for supported character sets. This character set is only used for | |
| 66 # metadata and not for the actual message which does not undergo any | |
| 67 # translation. Note that future version of GnuPG will change to UTF-8 | |
| 68 # as default character set. | |
| 69 | |
| 70 #charset utf-8 | |
| 71 | |
| 72 # Group names may be defined like this: | |
| 73 # group mynames = paige 0x12345678 joe patti | |
| 74 # | |
| 75 # Any time "mynames" is a recipient (-r or --recipient), it will be | |
| 76 # expanded to the names "paige", "joe", and "patti", and the key ID | |
| 77 # "0x12345678". Note there is only one level of expansion - you | |
| 78 # cannot make an group that points to another group. Note also that | |
| 79 # if there are spaces in the recipient name, this will appear as two | |
| 80 # recipients. In these cases it is better to use the key ID. | |
| 81 | |
| 82 #group mynames = paige 0x12345678 joe patti | |
| 83 | |
| 84 # Some old Windows platforms require 8.3 filenames. If your system | |
| 85 # can handle long filenames, uncomment this. | |
| 86 | |
| 87 #no-mangle-dos-filenames | |
| 88 | |
| 89 # Lock the file only once for the lifetime of a process. If you do | |
| 90 # not define this, the lock will be obtained and released every time | |
| 91 # it is needed - normally this is not needed. | |
| 92 | |
| 93 #lock-once | |
| 94 | |
| 95 # GnuPG can send and receive keys to and from a keyserver. These | |
| 96 # servers can be HKP, email, or LDAP (if GnuPG is built with LDAP | |
| 97 # support). | |
| 98 # | |
| 99 # Example HKP keyservers: | |
| 100 # hkp://keys.gnupg.net | |
| 101 # | |
| 102 # Example LDAP keyservers: | |
| 103 # ldap://pgp.surfnet.nl:11370 | |
| 104 # | |
| 105 # Regular URL syntax applies, and you can set an alternate port | |
| 106 # through the usual method: | |
| 107 # hkp://keyserver.example.net:22742 | |
| 108 # | |
| 109 # If you have problems connecting to a HKP server through a buggy http | |
| 110 # proxy, you can use keyserver option broken-http-proxy (see below), | |
| 111 # but first you should make sure that you have read the man page | |
| 112 # regarding proxies (keyserver option honor-http-proxy) | |
| 113 # | |
| 114 # Most users just set the name and type of their preferred keyserver. | |
| 115 # Note that most servers (with the notable exception of | |
| 116 # ldap://keyserver.pgp.com) synchronize changes with each other. Note | |
| 117 # also that a single server name may actually point to multiple | |
| 118 # servers via DNS round-robin. hkp://keys.gnupg.net is an example of | |
| 119 # such a "server", which spreads the load over a number of physical | |
| 120 # servers. To see the IP address of the server actually used, you may use | |
| 121 # the "--keyserver-options debug". | |
| 122 | |
| 123 keyserver hkp://keys.gnupg.net | |
| 124 #keyserver http://http-keys.gnupg.net | |
| 125 #keyserver mailto:pgp-public-keys@keys.nl.pgp.net | |
| 126 | |
| 127 # Common options for keyserver functions: | |
| 128 # | |
| 129 # include-disabled = when searching, include keys marked as "disabled" | |
| 130 # on the keyserver (not all keyservers support this). | |
| 131 # | |
| 132 # no-include-revoked = when searching, do not include keys marked as | |
| 133 # "revoked" on the keyserver. | |
| 134 # | |
| 135 # verbose = show more information as the keys are fetched. | |
| 136 # Can be used more than once to increase the amount | |
| 137 # of information shown. | |
| 138 # | |
| 139 # use-temp-files = use temporary files instead of a pipe to talk to the | |
| 140 # keyserver. Some platforms (Win32 for one) always | |
| 141 # have this on. | |
| 142 # | |
| 143 # keep-temp-files = do not delete temporary files after using them | |
| 144 # (really only useful for debugging) | |
| 145 # | |
| 146 # honor-http-proxy = if the keyserver uses HTTP, honor the http_proxy | |
| 147 # environment variable | |
| 148 # | |
| 149 # broken-http-proxy = try to work around a buggy HTTP proxy | |
| 150 # | |
| 151 # auto-key-retrieve = automatically fetch keys as needed from the keyserver | |
| 152 # when verifying signatures or when importing keys that | |
| 153 # have been revoked by a revocation key that is not | |
| 154 # present on the keyring. | |
| 155 # | |
| 156 # no-include-attributes = do not include attribute IDs (aka "photo IDs") | |
| 157 # when sending keys to the keyserver. | |
| 158 | |
| 159 #keyserver-options auto-key-retrieve | |
| 160 | |
| 161 # Uncomment this line to display photo user IDs in key listings and | |
| 162 # when a signature from a key with a photo is verified. | |
| 163 | |
| 164 #show-photos | |
| 165 | |
| 166 # Use this program to display photo user IDs | |
| 167 # | |
| 168 # %i is expanded to a temporary file that contains the photo. | |
| 169 # %I is the same as %i, but the file isn't deleted afterwards by GnuPG. | |
| 170 # %k is expanded to the key ID of the key. | |
| 171 # %K is expanded to the long OpenPGP key ID of the key. | |
| 172 # %t is expanded to the extension of the image (e.g. "jpg"). | |
| 173 # %T is expanded to the MIME type of the image (e.g. "image/jpeg"). | |
| 174 # %f is expanded to the fingerprint of the key. | |
| 175 # %% is %, of course. | |
| 176 # | |
| 177 # If %i or %I are not present, then the photo is supplied to the | |
| 178 # viewer on standard input. If your platform supports it, standard | |
| 179 # input is the best way to do this as it avoids the time and effort in | |
| 180 # generating and then cleaning up a secure temp file. | |
| 181 # | |
| 182 # The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin" | |
| 183 # On Mac OS X and Windows, the default is to use your regular JPEG image | |
| 184 # viewer. | |
| 185 # | |
| 186 # Some other viewers: | |
| 187 # photo-viewer "qiv %i" | |
| 188 # photo-viewer "ee %i" | |
| 189 # photo-viewer "display -title 'KeyID 0x%k'" | |
| 190 # | |
| 191 # This one saves a copy of the photo ID in your home directory: | |
| 192 # photo-viewer "cat > ~/photoid-for-key-%k.%t" | |
| 193 # | |
| 194 # Use your MIME handler to view photos: | |
| 195 # photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG" | |
| 196 |