mirror of
https://github.com/hcartiaux/dotfiles.git
synced 2024-10-18 09:15:24 +02:00
[gnupg,install] Initial GnuPG configuration
This commit is contained in:
parent
041a6ca930
commit
017e88ee0e
3 changed files with 170 additions and 0 deletions
33
gnupg/gpg-agent.conf
Normal file
33
gnupg/gpg-agent.conf
Normal file
|
@ -0,0 +1,33 @@
|
|||
################################################################################
|
||||
# .gitconfig -- my personal GnuPG configuration
|
||||
# see https://github.com/hcartiaux/dotfiles
|
||||
#
|
||||
# Copyright (c) 2017 Hyacinthe Cartiaux <hyacinthe.cartiaux@uni.lu>
|
||||
# _ __
|
||||
# __ _ _ __ __ _ __ _ __ _ ___ _ __ | |_ ___ ___ _ __ / _|
|
||||
# / _` | '_ \ / _` |_____ / _` |/ _` |/ _ \ '_ \| __| / __/ _ \| '_ \| |_
|
||||
# | (_| | |_) | (_| |_____| (_| | (_| | __/ | | | |_ | (_| (_) | | | | _|
|
||||
# \__, | .__/ \__, | \__,_|\__, |\___|_| |_|\__(_)___\___/|_| |_|_|
|
||||
# |___/|_| |___/ |___/
|
||||
#
|
||||
################################################################################
|
||||
|
||||
# PIN entry program
|
||||
|
||||
pinentry-program /usr/bin/pinentry-qt
|
||||
|
||||
# Cache settings
|
||||
|
||||
default-cache-ttl 86400
|
||||
max-cache-ttl 864000
|
||||
|
||||
default-cache-ttl-ssh 86400
|
||||
max-cache-ttl-ssh 864000
|
||||
|
||||
###+++--- GPGConf ---+++###
|
||||
debug-level basic
|
||||
log-file socket:///home/hcartiaux/.gnupg/log-socket
|
||||
###+++--- GPGConf ---+++### ven. 26 févr. 2016 15:58:47 CET
|
||||
# GPGConf edited this configuration file.
|
||||
# It will disable options before this marked block, but it will
|
||||
# never change anything below these lines.
|
133
gnupg/gpg.conf
Normal file
133
gnupg/gpg.conf
Normal file
|
@ -0,0 +1,133 @@
|
|||
################################################################################
|
||||
# .gitconfig -- my personal GnuPG configuration
|
||||
# see https://github.com/hcartiaux/dotfiles
|
||||
#
|
||||
# Copyright (c) 2017 Hyacinthe Cartiaux <hyacinthe.cartiaux@uni.lu>
|
||||
# __
|
||||
# __ _ _ __ __ _ ___ ___ _ __ / _|
|
||||
# / _` | '_ \ / _` | / __/ _ \| '_ \| |_
|
||||
# | (_| | |_) | (_| || (_| (_) | | | | _|
|
||||
# \__, | .__/ \__, (_)___\___/|_| |_|_|
|
||||
# |___/|_| |___/
|
||||
#
|
||||
################################################################################
|
||||
# Resources:
|
||||
# - https://riseup.net/en/security/message-security/openpgp/best-practices
|
||||
# - https://github.com/Falkor/dotfiles
|
||||
#
|
||||
# Options for GnuPG
|
||||
# Copyright 1998, 1999, 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is free software; as a special exception the author gives
|
||||
# unlimited permission to copy and/or distribute it, with or without
|
||||
# modifications, as long as this notice is preserved.
|
||||
#
|
||||
# This file is distributed in the hope that it will be useful, but
|
||||
# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
|
||||
# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
#
|
||||
# Unless you specify which option file to use (with the command line
|
||||
# option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf
|
||||
# by default.
|
||||
#
|
||||
# An options file can contain any long options which are available in
|
||||
# GnuPG. If the first non white space character of a line is a '#',
|
||||
# this line is ignored. Empty lines are also ignored.
|
||||
#
|
||||
# See the man page for a list of options.
|
||||
|
||||
|
||||
#-----------------------------
|
||||
# default key
|
||||
#-----------------------------
|
||||
|
||||
# The default key to sign with. If this option is not used, the default key is
|
||||
# the first key found in the secret keyring
|
||||
# If you have more than 1 secret key in your keyring, you may want to
|
||||
# use the following option and set your preferred keyid.
|
||||
|
||||
default-key 37183CEF550DF40B
|
||||
|
||||
|
||||
#-----------------------------
|
||||
# behavior
|
||||
#-----------------------------
|
||||
|
||||
# Uncomment the following option to get rid of the copyright notice
|
||||
no-greeting
|
||||
|
||||
# Disable inclusion of the version string in ASCII armored output
|
||||
no-emit-version
|
||||
|
||||
# Disable comment string in clear text signatures and ASCII armored messages
|
||||
no-comments
|
||||
|
||||
# Display long key IDs
|
||||
keyid-format 0xlong
|
||||
|
||||
# List all keys (or the specified ones) along with their fingerprints
|
||||
with-fingerprint
|
||||
|
||||
# Display the calculated validity of user IDs during key listings
|
||||
list-options show-uid-validity
|
||||
verify-options show-uid-validity
|
||||
|
||||
# Try to use the GnuPG-Agent. With this option, GnuPG first tries to connect to
|
||||
# the agent before it asks for a passphrase.
|
||||
use-agent
|
||||
|
||||
|
||||
#-----------------------------
|
||||
# keyserver
|
||||
#-----------------------------
|
||||
|
||||
# This is the server that --recv-keys, --send-keys, and --search-keys will
|
||||
# communicate with to receive keys from, send keys to, and search for keys on
|
||||
keyserver hkps://hkps.pool.sks-keyservers.net
|
||||
|
||||
# Provide a certificate store to override the system default
|
||||
# Get this from https://sks-keyservers.net/sks-keyservers.netCA.pem
|
||||
# :keyserver-options ca-cert-file=/usr/local/etc/ssl/certs/hkps.pool.sks-keyservers.net.pem
|
||||
keyserver-options ca-cert-file=~/.gnupg/certs/sks-keyservers.netCA.pem
|
||||
|
||||
# Default key server
|
||||
keyserver https://pgp.mit.edu/
|
||||
|
||||
# Don't leak DNS, see https://trac.torproject.org/projects/tor/ticket/2846
|
||||
keyserver-options no-try-dns-srv
|
||||
|
||||
# When using --refresh-keys, if the key in question has a preferred keyserver
|
||||
# URL, then disable use of that preferred keyserver to refresh the key from
|
||||
keyserver-options no-honor-keyserver-url
|
||||
|
||||
use-agent
|
||||
|
||||
|
||||
#-----------------------------
|
||||
# algorithm and ciphers
|
||||
#-----------------------------
|
||||
|
||||
# list of personal digest preferences. When multiple digests are supported by
|
||||
# all recipients, choose the strongest one
|
||||
personal-cipher-preferences AES256 AES192 AES CAST5
|
||||
|
||||
# list of personal digest preferences. When multiple ciphers are supported by
|
||||
# all recipients, choose the strongest one
|
||||
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
|
||||
|
||||
# message digest algorithm used when signing a key
|
||||
cert-digest-algo SHA512
|
||||
|
||||
# This preference list is used for new keys and becomes the default for
|
||||
# "setpref" in the edit menu
|
||||
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
|
||||
|
||||
|
||||
###+++--- GPGConf ---+++###
|
||||
utf8-strings
|
||||
debug-level basic
|
||||
log-file socket:///home/hcartiaux/.gnupg/log-socket
|
||||
###+++--- GPGConf ---+++### ven. 26 févr. 2016 15:58:47 CET
|
||||
# GPGConf edited this configuration file.
|
||||
# It will disable options before this marked block, but it will
|
||||
# never change anything below these lines.
|
|
@ -97,6 +97,10 @@ else
|
|||
ln -sf $DOTFILES/wget/wgetrc ~/.wgetrc
|
||||
fi
|
||||
|
||||
# GnuPG
|
||||
|
||||
ln -sf $DOTFILES/gnupg/gpg.conf ~/.gnupg/gpg.conf
|
||||
ln -sf $DOTFILES/gnupg/gpg-agent.conf ~/.gnupg/gpg-agent.conf
|
||||
|
||||
[[ "$HOST" = "$MYLAPTOP" ]] && (
|
||||
|
||||
|
|
Loading…
Reference in a new issue