88 lines
1.2 KiB
ReStructuredText
88 lines
1.2 KiB
ReStructuredText
|
Configure
|
||
|
=========
|
||
|
|
||
|
If up:
|
||
|
|
||
|
.. code:: shell
|
||
|
|
||
|
killall -9 gpg-agent
|
||
|
killall -9 dirmngr
|
||
|
|
||
|
wipe if needed
|
||
|
--------------
|
||
|
|
||
|
.. code:: shell
|
||
|
|
||
|
rm --force --recursive ~/.gnupg
|
||
|
mkdir -m 700 ~/.gnupg
|
||
|
|
||
|
check available algorithms
|
||
|
--------------------------
|
||
|
|
||
|
.. code:: shell
|
||
|
|
||
|
gpg --version
|
||
|
|
||
|
avoid default use of SHA256
|
||
|
---------------------------
|
||
|
|
||
|
* gpg.conf
|
||
|
|
||
|
::
|
||
|
|
||
|
keyid-format long
|
||
|
keyserver-options include-revoked
|
||
|
list-options show-uid-validity
|
||
|
no-verbose
|
||
|
verify-options show-uid-validity
|
||
|
with-fingerprint
|
||
|
with-keygrip
|
||
|
with-subkey-fingerprint
|
||
|
|
||
|
no-comments
|
||
|
no-emit-version
|
||
|
|
||
|
default-preference-list SHA512 AES256 BZIP2
|
||
|
|
||
|
cert-digest-algo SHA512
|
||
|
cipher-algo AES256
|
||
|
compress-algo BZIP2
|
||
|
digest-algo SHA512
|
||
|
|
||
|
personal-cipher-preferences AES256
|
||
|
personal-digest-preferences SHA512
|
||
|
personal-compress-preferences BZIP2
|
||
|
|
||
|
s2k-cipher-algo AES256
|
||
|
s2k-digest-algo SHA512
|
||
|
s2k-mode 3
|
||
|
s2k-count 65011712
|
||
|
|
||
|
avoid DL/UL issues, depending on DNS
|
||
|
------------------------------------
|
||
|
|
||
|
* dirmngr.conf
|
||
|
|
||
|
::
|
||
|
|
||
|
standard-resolver
|
||
|
|
||
|
authenticate
|
||
|
------------
|
||
|
|
||
|
* gpg-agent.conf
|
||
|
|
||
|
::
|
||
|
|
||
|
enable-ssh-support
|
||
|
|
||
|
* sshcontrol
|
||
|
|
||
|
KeyGrip to use if there are several
|
||
|
|
||
|
::
|
||
|
|
||
|
KKEEYYGGRRIIPP
|
||
|
|
||
|
* export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
|