]>
Commit | Line | Data |
---|---|---|
5b61754d MF |
1 | # Options for GnuPG |
2 | # Copyright 1998, 1999, 2000, 2001, 2002, 2003 Free Software Foundation, Inc. | |
3 | # | |
4 | # This file is free software; as a special exception the author gives | |
5 | # unlimited permission to copy and/or distribute it, with or without | |
6 | # modifications, as long as this notice is preserved. | |
7 | # | |
8 | # This file is distributed in the hope that it will be useful, but | |
9 | # WITHOUT ANY WARRANTY, to the extent permitted by law; without even the | |
10 | # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | |
11 | # | |
12 | # Unless you specify which option file to use (with the command line | |
13 | # option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf | |
14 | # by default. | |
15 | # | |
16 | # An options file can contain any long options which are available in | |
17 | # GnuPG. If the first non white space character of a line is a '#', | |
18 | # this line is ignored. Empty lines are also ignored. | |
19 | # | |
20 | # See the man page for a list of options. | |
21 | ||
22 | # Uncomment the following option to get rid of the copyright notice | |
23 | ||
1afdf944 | 24 | no-greeting |
5b61754d MF |
25 | |
26 | # If you have more than 1 secret key in your keyring, you may want to | |
27 | # uncomment the following option and set your preferred keyid. | |
28 | ||
1afdf944 | 29 | #default-key E837F581 |
5b61754d MF |
30 | |
31 | # If you do not pass a recipient to gpg, it will ask for one. Using | |
32 | # this option you can encrypt to a default key. Key validation will | |
33 | # not be done in this case. The second form uses the default key as | |
34 | # default recipient. | |
35 | ||
36 | #default-recipient some-user-id | |
37 | #default-recipient-self | |
38 | ||
39 | # Use --encrypt-to to add the specified key as a recipient to all | |
40 | # messages. This is useful, for example, when sending mail through a | |
41 | # mail client that does not automatically encrypt mail to your key. | |
42 | # In the example, this option allows you to read your local copy of | |
43 | # encrypted mail that you've sent to others. | |
44 | ||
45 | #encrypt-to some-key-id | |
46 | ||
47 | # By default GnuPG creates version 3 signatures for data files. This | |
48 | # is not strictly OpenPGP compliant but PGP 6 and most versions of PGP | |
49 | # 7 require them. To disable this behavior, you may use this option | |
50 | # or --openpgp. | |
51 | ||
52 | #no-force-v3-sigs | |
53 | ||
54 | # Because some mailers change lines starting with "From " to ">From " | |
55 | # it is good to handle such lines in a special way when creating | |
56 | # cleartext signatures; all other PGP versions do it this way too. | |
57 | # To enable full OpenPGP compliance you may want to use this option. | |
58 | ||
59 | #no-escape-from-lines | |
60 | ||
61 | # If you do not use the Latin-1 (ISO-8859-1) charset, you should tell | |
62 | # GnuPG which is the native character set. Please check the man page | |
63 | # for supported character sets. This character set is only used for | |
64 | # metadata and not for the actual message which does not undergo any | |
65 | # translation. Note that future version of GnuPG will change to UTF-8 | |
66 | # as default character set. In most cases this option is not required | |
67 | # GnuPG is able to figure out the correct charset and use that. | |
68 | ||
69 | #charset utf-8 | |
70 | ||
71 | # Group names may be defined like this: | |
72 | # group mynames = paige 0x12345678 joe patti | |
73 | # | |
74 | # Any time "mynames" is a recipient (-r or --recipient), it will be | |
75 | # expanded to the names "paige", "joe", and "patti", and the key ID | |
76 | # "0x12345678". Note there is only one level of expansion - you | |
77 | # cannot make an group that points to another group. Note also that | |
78 | # if there are spaces in the recipient name, this will appear as two | |
79 | # recipients. In these cases it is better to use the key ID. | |
80 | ||
81 | #group mynames = paige 0x12345678 joe patti | |
82 | ||
83 | # Lock the file only once for the lifetime of a process. If you do | |
84 | # not define this, the lock will be obtained and released every time | |
85 | # it is needed, which is usually preferable. | |
86 | ||
87 | #lock-once | |
88 | ||
89 | # GnuPG can send and receive keys to and from a keyserver. These | |
90 | # servers can be HKP, email, or LDAP (if GnuPG is built with LDAP | |
91 | # support). | |
92 | # | |
93 | # Example HKP keyserver: | |
94 | # hkp://subkeys.pgp.net | |
95 | # | |
96 | # Example email keyserver: | |
97 | # mailto:pgp-public-keys@keys.pgp.net | |
98 | # | |
99 | # Example LDAP keyservers: | |
100 | # ldap://keyserver.pgp.com | |
101 | # | |
102 | # Regular URL syntax applies, and you can set an alternate port | |
103 | # through the usual method: | |
104 | # hkp://keyserver.example.net:22742 | |
105 | # | |
106 | # If you have problems connecting to a HKP server through a buggy http | |
107 | # proxy, you can use keyserver option broken-http-proxy (see below), | |
108 | # but first you should make sure that you have read the man page | |
109 | # regarding proxies (keyserver option honor-http-proxy) | |
110 | # | |
111 | # Most users just set the name and type of their preferred keyserver. | |
112 | # Note that most servers (with the notable exception of | |
113 | # ldap://keyserver.pgp.com) synchronize changes with each other. Note | |
114 | # also that a single server name may actually point to multiple | |
115 | # servers via DNS round-robin. hkp://subkeys.pgp.net is an example of | |
116 | # such a "server", which spreads the load over a number of physical | |
117 | # servers. | |
118 | ||
119 | keyserver hkp://subkeys.pgp.net | |
1afdf944 | 120 | #keyserver hkp://wwwkeys.eu.pgp.net |
5b61754d | 121 | #keyserver mailto:pgp-public-keys@keys.nl.pgp.net |
1afdf944 | 122 | #keyserver ldap://pgp.surfnet.nl:11370 |
5b61754d MF |
123 | #keyserver ldap://keyserver.pgp.com |
124 | ||
125 | # Common options for keyserver functions: | |
126 | # | |
127 | # include-disabled = when searching, include keys marked as "disabled" | |
128 | # on the keyserver (not all keyservers support this). | |
129 | # | |
130 | # no-include-revoked = when searching, do not include keys marked as | |
131 | # "revoked" on the keyserver. | |
132 | # | |
133 | # verbose = show more information as the keys are fetched. | |
134 | # Can be used more than once to increase the amount | |
135 | # of information shown. | |
136 | # | |
137 | # use-temp-files = use temporary files instead of a pipe to talk to the | |
138 | # keyserver. Some platforms (Win32 for one) always | |
139 | # have this on. | |
140 | # | |
141 | # keep-temp-files = do not delete temporary files after using them | |
142 | # (really only useful for debugging) | |
143 | # | |
144 | # honor-http-proxy = if the keyserver uses HTTP, honor the http_proxy | |
145 | # environment variable | |
146 | # | |
147 | # broken-http-proxy = try to work around a buggy HTTP proxy | |
148 | # | |
149 | # auto-key-retrieve = automatically fetch keys as needed from the keyserver | |
150 | # when verifying signatures or when importing keys that | |
151 | # have been revoked by a revocation key that is not | |
152 | # present on the keyring. | |
153 | # | |
154 | # no-include-attributes = do not include attribute IDs (aka "photo IDs") | |
155 | # when sending keys to the keyserver. | |
156 | ||
1afdf944 MF |
157 | keyserver-options timeout=3 |
158 | keyserver-options auto-key-retrieve | |
159 | keyserver-options verbose | |
160 | keyserver-options verbose | |
161 | keyserver-options verbose | |
5b61754d MF |
162 | |
163 | # Display photo user IDs in key listings | |
164 | ||
165 | # list-options show-photos | |
166 | ||
167 | # Display photo user IDs when a signature from a key with a photo is | |
168 | # verified | |
169 | ||
170 | # verify-options show-photos | |
171 | ||
172 | # Use this program to display photo user IDs | |
173 | # | |
174 | # %i is expanded to a temporary file that contains the photo. | |
175 | # %I is the same as %i, but the file isn't deleted afterwards by GnuPG. | |
176 | # %k is expanded to the key ID of the key. | |
177 | # %K is expanded to the long OpenPGP key ID of the key. | |
178 | # %t is expanded to the extension of the image (e.g. "jpg"). | |
179 | # %T is expanded to the MIME type of the image (e.g. "image/jpeg"). | |
180 | # %f is expanded to the fingerprint of the key. | |
181 | # %% is %, of course. | |
182 | # | |
183 | # If %i or %I are not present, then the photo is supplied to the | |
184 | # viewer on standard input. If your platform supports it, standard | |
185 | # input is the best way to do this as it avoids the time and effort in | |
186 | # generating and then cleaning up a secure temp file. | |
187 | # | |
188 | # If no photo-viewer is provided, GnuPG will look for xloadimage, eog, | |
189 | # or display (ImageMagick). On Mac OS X and Windows, the default is | |
190 | # to use your regular JPEG image viewer. | |
191 | # | |
192 | # Some other viewers: | |
193 | # photo-viewer "qiv %i" | |
194 | # photo-viewer "ee %i" | |
195 | # | |
196 | # This one saves a copy of the photo ID in your home directory: | |
197 | # photo-viewer "cat > ~/photoid-for-key-%k.%t" | |
198 | # | |
199 | # Use your MIME handler to view photos: | |
200 | # photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG" | |
201 | ||
202 | # Passphrase agent | |
203 | # | |
204 | # We support the old experimental passphrase agent protocol as well as | |
205 | # the new Assuan based one (currently available in the "newpg" package | |
206 | # at ftp.gnupg.org/gcrypt/alpha/aegypten/). To make use of the agent, | |
207 | # you have to run an agent as daemon and use the option | |
208 | # | |
1afdf944 | 209 | use-agent |
5b61754d MF |
210 | # |
211 | # which tries to use the agent but will fallback to the regular mode | |
212 | # if there is a problem connecting to the agent. The normal way to | |
213 | # locate the agent is by looking at the environment variable | |
214 | # GPG_AGENT_INFO which should have been set during gpg-agent startup. | |
215 | # In certain situations the use of this variable is not possible, thus | |
216 | # the option | |
217 | # | |
218 | # --gpg-agent-info=<path>:<pid>:1 | |
219 | # | |
220 | # may be used to override it. | |
221 | ||
222 | # Automatic key location | |
223 | # | |
224 | # GnuPG can automatically locate and retrieve keys as needed using the | |
225 | # auto-key-locate option. This happens when encrypting to an email | |
226 | # address (in the "user@example.com" form), and there are no | |
227 | # user@example.com keys on the local keyring. This option takes the | |
228 | # following arguments, in the order they are to be tried: | |
229 | # | |
230 | # cert = locate a key using DNS CERT, as specified in 2538bis | |
231 | # (currently in draft): http://www.josefsson.org/rfc2538bis/ | |
232 | # | |
233 | # pka = locate a key using DNS PKA. | |
234 | # | |
235 | # ldap = locate a key using the PGP Universal method of checking | |
236 | # "ldap://keys.(thedomain)". | |
237 | # | |
238 | # keyserver = locate a key using whatever keyserver is defined using | |
239 | # the keyserver option. | |
240 | # | |
241 | # You may also list arbitrary keyservers here by URL. | |
242 | # | |
243 | # Try CERT, then PKA, then LDAP, then hkp://subkeys.net: | |
244 | #auto-key-locate cert pka ldap hkp://subkeys.pgp.net | |
1afdf944 MF |
245 | |
246 | utf8-strings |