rwx.work/rtfd
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

gpg configure

Browse source
This commit is contained in:
Marc Beninca 2019-05-14 11:32:10 +02:00
parent 22c6dba78d
commit 46863f7b64
3 changed files with 89 additions and 89 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

88
in/public/security/gpg/configure.rst Normal file
View file

@ -0,0 +1,88 @@
Configure
=========
If up:
.. code:: shell
killall -9 gpg-agent
killall -9 dirmngr
wipe if needed
--------------
.. code:: shell
rm --force --recursive ~/.gnupg
mkdir -m 700 ~/.gnupg
check available algorithms
--------------------------
.. code:: shell
gpg --version
avoid default use of SHA256
---------------------------
* gpg.conf
::
keyid-format long
keyserver-options include-revoked
list-options show-uid-validity
no-verbose
verify-options show-uid-validity
with-fingerprint
with-keygrip
with-subkey-fingerprint
export-options export-minimal
no-comments
no-emit-version
default-preference-list SHA512 AES256 BZIP2
cert-digest-algo SHA512
cipher-algo AES256
compress-algo BZIP2
digest-algo SHA512
personal-cipher-preferences AES256
personal-digest-preferences SHA512
personal-compress-preferences BZIP2
s2k-cipher-algo AES256
s2k-digest-algo SHA512
s2k-mode 3
s2k-count 65011712
avoid DL/UL issues, depending on DNS
------------------------------------
* dirmngr.conf
::
standard-resolver
authenticate
------------
* gpg-agent.conf
::
enable-ssh-support
* sshcontrol
KeyGrip to use if there are several
::
KKEEYYGGRRIIPP
* export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)

1
in/public/security/gpg/index.rst
View file

@ -5,4 +5,5 @@ GnuPG
:maxdepth: 2 :maxdepth: 2
overview overview
configure
servers servers

89
in/public/security/gpg/overview.rst
View file

@ -10,95 +10,6 @@ OverView
* sign * sign
* delete * delete
Configure
=========
If up:
.. code:: shell
killall -9 gpg-agent
killall -9 dirmngr
wipe if needed
--------------
.. code:: shell
rm --force --recursive ~/.gnupg
mkdir -m 700 ~/.gnupg
check available algorithms
--------------------------
.. code:: shell
gpg --version
avoid default use of SHA256
---------------------------
* gpg.conf
::
keyid-format long
keyserver-options include-revoked
list-options show-uid-validity
no-verbose
verify-options show-uid-validity
with-fingerprint
with-keygrip
with-subkey-fingerprint
export-options export-minimal
no-comments
no-emit-version
default-preference-list SHA512 AES256 BZIP2
cert-digest-algo SHA512
cipher-algo AES256
compress-algo BZIP2
digest-algo SHA512
personal-cipher-preferences AES256
personal-digest-preferences SHA512
personal-compress-preferences BZIP2
s2k-cipher-algo AES256
s2k-digest-algo SHA512
s2k-mode 3
s2k-count 65011712
avoid DL/UL issues, depending on DNS
------------------------------------
* dirmngr.conf
::
standard-resolver
authenticate
------------
* gpg-agent.conf
::
enable-ssh-support
* sshcontrol
KeyGrip to use if there are several
::
KKEEYYGGRRIIPP
* export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
Generate Generate
======== ========