From bc1d5fb28841f6050605e93886685b3a02e7787a Mon Sep 17 00:00:00 2001 From: Tom Ryder Date: Fri, 2 Jun 2017 22:07:52 +1200 Subject: Use mi5 to make templated shell scripts --- gnupg/gpg.conf.m4.mi5 | 52 --------------------------------------------------- gnupg/gpg.conf.mi5 | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+), 52 deletions(-) delete mode 100644 gnupg/gpg.conf.m4.mi5 create mode 100644 gnupg/gpg.conf.mi5 (limited to 'gnupg') diff --git a/gnupg/gpg.conf.m4.mi5 b/gnupg/gpg.conf.m4.mi5 deleted file mode 100644 index d8f14c09..00000000 --- a/gnupg/gpg.conf.m4.mi5 +++ /dev/null @@ -1,52 +0,0 @@ -# Retrieve certs automatically if possible -auto-key-locate cert pka - -# Prevent boilerplate about needing key decryption, which is handled by the -# agent; the gpg function in my Bash scripts overrides this for certain -# commands where it interferes -batch - -# Use SHA512 as the hash when making key signatures -cert-digest-algo SHA512 - -# Specify the hash algorithms to be used for new keys as available -default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed - -# In the absence of any other recipient, encrypt messages for myself -default-recipient-self - -# Show complete dates and use proper column separation for --with-colon listing mode -fixed-list-mode - -# Use 16-character key IDs as the default 8-character key IDs can be forged -keyid-format 0xlong - -# Use a pool of servers which support HKPS (encrypted key retrieval) -keyserver DF_KEYSERVER - -# Retrieve keys automatically; check the keyserver port cert; use whichever -# server is proffered from the pool -keyserver-options auto-key-retrieve check-cert no-honor-keyserver-url ca-certfile=<% DF_HOME %>/.gnupg/sks-keyservers.net/sks-keyservers.netCA.pem - -# Include trust/validity for UIDs in listings -list-options show-uid-validity - -# Suppress the copyright message -no-greeting - -# Use SHA512 as my message digest, overriding GnuPG's efforts to use the lowest -# common denominator in hashing algorithms -personal-digest-preferences SHA512 - -# Suppress a lot of output; sometimes I add --verbose to undo this -quiet - -# Use the GPG agent for key management and decryption -use-agent - -# Include trust/validity for UIDs when verifying signatures -verify-options pka-lookups show-uid-validity - -# Assume "yes" is the answer to most questions, that is, don't keep asking me -# to confirm something I've asked to be done -yes diff --git a/gnupg/gpg.conf.mi5 b/gnupg/gpg.conf.mi5 new file mode 100644 index 00000000..d8f14c09 --- /dev/null +++ b/gnupg/gpg.conf.mi5 @@ -0,0 +1,52 @@ +# Retrieve certs automatically if possible +auto-key-locate cert pka + +# Prevent boilerplate about needing key decryption, which is handled by the +# agent; the gpg function in my Bash scripts overrides this for certain +# commands where it interferes +batch + +# Use SHA512 as the hash when making key signatures +cert-digest-algo SHA512 + +# Specify the hash algorithms to be used for new keys as available +default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed + +# In the absence of any other recipient, encrypt messages for myself +default-recipient-self + +# Show complete dates and use proper column separation for --with-colon listing mode +fixed-list-mode + +# Use 16-character key IDs as the default 8-character key IDs can be forged +keyid-format 0xlong + +# Use a pool of servers which support HKPS (encrypted key retrieval) +keyserver DF_KEYSERVER + +# Retrieve keys automatically; check the keyserver port cert; use whichever +# server is proffered from the pool +keyserver-options auto-key-retrieve check-cert no-honor-keyserver-url ca-certfile=<% DF_HOME %>/.gnupg/sks-keyservers.net/sks-keyservers.netCA.pem + +# Include trust/validity for UIDs in listings +list-options show-uid-validity + +# Suppress the copyright message +no-greeting + +# Use SHA512 as my message digest, overriding GnuPG's efforts to use the lowest +# common denominator in hashing algorithms +personal-digest-preferences SHA512 + +# Suppress a lot of output; sometimes I add --verbose to undo this +quiet + +# Use the GPG agent for key management and decryption +use-agent + +# Include trust/validity for UIDs when verifying signatures +verify-options pka-lookups show-uid-validity + +# Assume "yes" is the answer to most questions, that is, don't keep asking me +# to confirm something I've asked to be done +yes -- cgit v1.2.3