From 58ccf1c810c6eed4280455ff76906e435005e912 Mon Sep 17 00:00:00 2001 From: Timo Wilken Date: Thu, 25 May 2023 19:57:21 +0200 Subject: Fix PGP keyserver setup --- tw/home/files/gpg.conf | 133 ++++--------------------------------------------- 1 file changed, 9 insertions(+), 124 deletions(-) (limited to 'tw/home/files/gpg.conf') diff --git a/tw/home/files/gpg.conf b/tw/home/files/gpg.conf index 0d1d77a7..ed39d1ef 100644 --- a/tw/home/files/gpg.conf +++ b/tw/home/files/gpg.conf @@ -1,18 +1,4 @@ # Options for GnuPG -# Copyright 1998-2003, 2010 Free Software Foundation, Inc. -# Copyright 1998-2003, 2010 Werner Koch -# -# This file is free software; as a special exception the author gives -# unlimited permission to copy and/or distribute it, with or without -# modifications, as long as this notice is preserved. -# -# This file is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the -# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -# -# Unless you specify which option file to use (with the command line -# option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf -# by default. # # An options file can contain any long options which are available in # GnuPG. If the first non white space character of a line is a '#', @@ -20,123 +6,22 @@ # # See the gpg man page for a list of options. +default-key 53EC3C06856883DD92355BC22FC78504681F69B0 +default-recipient-self +use-agent -# If you have more than 1 secret key in your keyring, you may want to -# uncomment the following option and set your preferred keyid. - -#default-key 621CC013 - - -# If you do not pass a recipient to gpg, it will ask for one. Using -# this option you can encrypt to a default key. Key validation will -# not be done in this case. The second form uses the default key as -# default recipient. - -#default-recipient some-user-id -#default-recipient-self - - -# Group names may be defined like this: -# group mynames = paige 0x12345678 joe patti -# -# Any time "mynames" is a recipient (-r or --recipient), it will be -# expanded to the names "paige", "joe", and "patti", and the key ID -# "0x12345678". Note there is only one level of expansion - you -# cannot make an group that points to another group. Note also that -# if there are spaces in the recipient name, this will appear as two -# recipients. In these cases it is better to use the key ID. - -#group mynames = paige 0x12345678 joe patti - - -# GnuPG can automatically locate and retrieve keys as needed using -# this option. This happens when encrypting to an email address (in -# the "user@@example.com" form) and there are no keys matching -# "user@example.com" in the local keyring. This option takes any -# number mechanisms which are tried in the given order. The default -# is "--auto-key-locate local" to search for keys only in the local -# key database. Uncomment the next line to locate a missing key using -# two DNS based mechanisms. - -#auto-key-locate local,pka,dane - - -# Common options for keyserver functions: -# (Note that the --keyserver option has been moved to dirmngr.conf) -# -# include-disabled = when searching, include keys marked as "disabled" -# on the keyserver (not all keyservers support this). -# -# no-include-revoked = when searching, do not include keys marked as -# "revoked" on the keyserver. -# -# verbose = show more information as the keys are fetched. -# Can be used more than once to increase the amount -# of information shown. -# -# auto-key-retrieve = automatically fetch keys as needed from the keyserver -# when verifying signatures or when importing keys that -# have been revoked by a revocation key that is not -# present on the keyring. -# -# no-include-attributes = do not include attribute IDs (aka "photo IDs") -# when sending keys to the keyserver. - -#keyserver-options auto-key-retrieve - - -# Uncomment this line to display photo user IDs in key listings and -# when a signature from a key with a photo is verified. +photo-viewer "imv %i" -#show-photos - - -# Use this program to display photo user IDs -# -# %i is expanded to a temporary file that contains the photo. -# %I is the same as %i, but the file isn't deleted afterwards by GnuPG. -# %k is expanded to the key ID of the key. -# %K is expanded to the long OpenPGP key ID of the key. -# %t is expanded to the extension of the image (e.g. "jpg"). -# %T is expanded to the MIME type of the image (e.g. "image/jpeg"). -# %f is expanded to the fingerprint of the key. -# %% is %, of course. -# -# If %i or %I are not present, then the photo is supplied to the -# viewer on standard input. If your platform supports it, standard -# input is the best way to do this as it avoids the time and effort in -# generating and then cleaning up a secure temp file. -# -# The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin" -# On Mac OS X and Windows, the default is to use your regular JPEG image -# viewer. -# -# Some other viewers: -# photo-viewer "qiv %i" -# photo-viewer "ee %i" -# photo-viewer "display -title 'KeyID 0x%k'" -# -# This one saves a copy of the photo ID in your home directory: -# photo-viewer "cat > ~/photoid-for-key-%k.%t" -# -# Use your MIME handler to view photos: -# photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG" +auto-key-locate local,keyserver,cert,pka,dane,wkd +keyserver hkps://keys.openpgp.org +keyserver-options auto-key-retrieve # Because some mailers change lines starting with "From " to ">From " # it is good to handle such lines in a special way when creating # cleartext signatures; all other PGP versions do it this way too. # To enable full OpenPGP compliance you may want to use this option. - #no-escape-from-lines - -# Uncomment the following option to get rid of the copyright notice - -#no-greeting - -default-key 2FC78504681F69B0 - -keyserver hkp://pool.sks-keyservers.net -use-agent -group Friends = DB3DB428A6E2D6DFDAC4531369C6F5CF9FB85A52 +# Get rid of the copyright notice +no-greeting -- cgit v1.2.3