aboutsummaryrefslogtreecommitdiff
path: root/gnupg
Commit message (Collapse)AuthorAgeFilesLines
* Break up some long linesTom Ryder2018-12-261-1/+2
|
* Allow specifying GnuPG --keyid-format at buildTom Ryder2017-12-291-1/+1
| | | | | Old versions of gpg(1) don't support "none" as a --keyid-format; allow specifying it as a Makefile variable KEYID_FORMAT.
* Use only fingerprints for GnuPG keysTom Ryder2017-12-291-2/+2
| | | | The manual page for gpg(1) says this is the safest way to do it.
* Remove --batch option and wrapper for gpg(1)Tom Ryder2017-12-291-5/+0
| | | | | | | | This was originally added to cut the decryption boilerplate, which no longer seems to be an issue; I think that --quiet may be correctly blocking it now. Even without this, it caused more problems than it solved when gpg(1) genuinely did need user interaction from me, for example for --update-trustdb.
* Remove deprecated keyserver optionsTom Ryder2017-06-255-85/+1
| | | | | | | | | | | | | | | | | | | | > gpg: keyserver option 'check-cert' is obsolete > gpg: keyserver option 'ca-certfile' is unknown > gpg (GnuPG) 2.1.18 > libgcrypt 1.7.6-beta > Copyright (C) 2017 Free Software Foundation, Inc. > License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html> > This is free software: you are free to change and redistribute it. > There is NO WARRANTY, to the extent permitted by law. > > Home: /home/tom/.gnupg > Supported algorithms: > Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA > Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, > CAMELLIA128, CAMELLIA192, CAMELLIA256 > Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 > Compression: Uncompressed, ZIP, ZLIB, BZIP2
* Refactor m4 macro namesTom Ryder2017-06-131-2/+2
| | | | mi5(1df) means I can simplify these quite a bit now
* Use mi5 to make templated shell scriptsTom Ryder2017-06-021-0/+0
|
* Move existing .m4 to .m4.mi5Tom Ryder2017-06-021-1/+1
| | | | Along with accompanying Makefile rules and .gitignorances
* Use consistent m4 prefixTom Ryder2017-03-231-2/+2
|
* Allow specifying GnuPG keyserverTom Ryder2017-01-261-1/+1
|
* Update SKS CRLTom Ryder2016-08-221-15/+16
| | | | <https://sks-keyservers.net/verify_tls.php>
* Remove blank lines at end of filesTom Ryder2016-03-283-3/+0
|
* Fix some trailing spacesTom Ryder2015-12-011-1/+1
|
* Generate gpg.conf from m4 template on make callTom Ryder2014-11-135-1/+85
| | | | | | | | | | | | | | | | We have to do this because gpg.conf doesn't understand tilde or environment variable expansion in the configuration file, and the only reliable way to make the ca-cert-file option work between different implementations of gpg(1) and its cURL link is to explicitly specify the path to the CA file. This is probably a better approach than installing the thing as a trusted system CA anyway, which requires root privileges that I don't really want to assume anyone installing this has. I'm also including the CA, CRL, and .pem for the SKS keyservers in this commit. This seems a lesser evil than trying to pull them with cURL or wget at make(1) time.
* Do PKA lookups for keysTom Ryder2014-03-311-1/+4
|
* Stop ``--batch'' breaking things for GnuPGTom Ryder2013-12-111-2/+2
|
* Add commentary to the cryptic GnuPG conf fileTom Ryder2013-11-041-0/+34
|
* Retrieve keys over hkps:// per RiseUp guideTom Ryder2013-10-301-2/+2
| | | | | | | | | | <https://we.riseup.net/riseuplabs+paow/openpgp-best-practices#consider-making-your-default-keyserver-use-a-keyse> The keyserver pool CA needs to be installed for this to work. On Debian: # curl https://sks-keyservers.net/sks-keyservers.netCA.pem \ > /usr/local/share/ca-certificates/sks-keyservers.netCA.crt # update-ca-certificates
* Don't need to specify key ID, only using one nowTom Ryder2013-10-301-1/+0
|
* Add a few best practice settingsTom Ryder2013-10-111-0/+4
| | | | <https://we.riseup.net/riseuplabs+paow/openpgp-best-practices>
* Use closer PGP serverTom Ryder2013-09-251-1/+1
|
* Hold GnuPG keys for longerTom Ryder2013-06-211-2/+2
|
* Make GPG work a little more quietly/transparentlyTom Ryder2013-06-031-0/+3
|
* Add GnuPG configuration filesTom Ryder2013-05-312-0/+13